Skip to main content

VPN

More
17 years 3 months ago #22824 by westwindshelley
VPN was created by westwindshelley
If a person uses VPN connection to access his company's network.Also he has a linksys router at home where there are 4 other people who get connected to the internet using the same router. If while configuring a VPN client on a remote user's computer one leaves the internet connection sharing enabled then what are the implications of this.Will the other users connected to the same router at home can access the company's website? answer needed ASAP

In God we trust but for everything else we need data
More
17 years 3 months ago #22825 by Smurf
Replied by Smurf on topic Re: VPN
I don't know for definate but I would guess at yes. The Internet Connection Sharing will allow the machine to be used to proxy internet traffic through it, if the VPN is connected, then the traffic may be able to route through that machine to the corporate network.

Its not something i have tested so i cannot be 100% but it sounds plausable.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 3 months ago #22826 by westwindshelley
Replied by westwindshelley on topic VPN
I need to give this information to a trainee and it has to be 100% correct. The only problem is that we dont have labs around here.

In God we trust but for everything else we need data
More
17 years 3 months ago #22830 by toddwoo
Replied by toddwoo on topic Re: VPN
ICS Can share a VNP connection to other machines. Thats 100% sure. BUT.. its all in the configuration of the network, the server machine, the clients and the VPN. There is no 100% answer thats right all the time.

BUT i'm not sure I understand what your asking...

If the linksys router is sharing the internet connection between all the home users.. Then your OK.
BUT.
If one of the PC's is using Internet Connection sharing to share the connection there is a potential problem.

Easiest solution. make sure all the "home" users have there own IP address on the "home" network Then only the 1 with the VPN set up on his computer will have access.. Just get rid of MS Internet Connection Sharing all together.. there is no reason to use it if you have a router...( at least none I can think of)
More
17 years 3 months ago #22834 by westwindshelley
Replied by westwindshelley on topic vpn
The answer which you gave me was the one I was looking for. I would appreciate if you can give me a proper explanation based on the following scenarios:-

Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?

Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?

In God we trust but for everything else we need data
More
17 years 3 months ago #22842 by Smurf
Replied by Smurf on topic Re: vpn

Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?


I am not 100% sure on this one. The thing here is (not really played with ICS so others may be able to correct this), do you not need 2 NICs in order to setup ICS ? Your machine with the VPN software installed will have a single NIC that is on the same subnet as the other machines, I am not convinced that ICS will work because it needs to NAT traffic from one address to the other address (unless by the comment "With Built in Modem" you mean that it has a dail-up connection also in order to do the VPN).

Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?


I would suspect that in this one, yes it would, the traffic would get routed through the machine and depending on split-tunnelling, they will go down the VPN or if its resources on the Internet, it may just get routed over the Internet via the ISP.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.141 seconds