Re: What traffic is pumped through the VPN?



StandardGreen wrote:
When I'm VPN'd into my organization's network, is every bit of traffic
that goes down my TCP/IP stack funneled through the tunnel (rhyme
unintended) and into my org's network? Here's why I ask this:

It was my understanding that any traffic that my machine generated was
pumped through the tunnel because, in spite of my home machine being
physically far from our LAN, the VPN by design made my computer
interact with the work LAN as if it was plugged into the
organization's cable plant.

Predictably, while I was on the VPN anything that was blocked by my
org's filtering system was blocked on my home machine because, for all
intents and purposes, I was on my work LAN. Furthermore, showip.net
revealed my home PC as having the external IP of my workplace's ISA
server; whoising my nickname on IRC revealed my organization's address,
etc. For this reason, as well as what little I've learned about the
guts of VPNs, I was under the impression that every '1' and '0' that
came from my network card went through my org's network just as if I
was plugged into the physical network. I didn't think that there was
any discrimination as to which traffic, or protocol, or port numbers
would go on the VPN or stay on my home network (except for traffic
specifically pointed towards my home network IP range of
192.168.1.0/24 rather than my work range of 10.0.0.0/16).

Lately I noticed that sites are no longer blocked while I'm on the
VPN, but they are blocked for every non-VPN user inside my workplace.
I brought it up to one of my fellow IT workers who was surprised to
hear it. However, another IT person disputed my understanding that all
traffic generated on a VPN client went through the tunnel and onto the
corporate LAN. He said that port 80 traffic didn't go through the VPN
(which baffled me because of showIP.com telling me that I had my org's
external address instead of my home's external IP). Puzzled, I've been
looking for answers.

Anyone care to help me in my understanding of VPNs? Could someone
share some good resources on VPNs and their behavior? Some 30,000 foot
material would be good to start with (not quite "for Dummies" but not
Cisco Press either).


Thanks,
StandardGreen


A VPN tunnel can be configured to send all or only some of the traffic over the tunnelled connection. It all depends on how the administrator has set things up. It is also possible to configure policies for traffic exiting the corporate LAN that differ depending on whether it came from a desktop physically on site or from a VPN tunnel into the network. Just because a service or website is blocked on site doesn't mean that a different policy couldn't be used for VPN traffic.

--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@xxxxxxxxxxxxxxxxxxxxxxxxxxxx)
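The quickest way to settle which of the two behaviours described above a client is actually getting is to read its routing table while the tunnel is up: if the route a packet to an arbitrary Internet address would take leaves on the tunnel interface, everything goes through the corporate network (a "full tunnel"); if only the corporate prefixes point at the tunnel, it is a "split tunnel". The following is an added example, not code from the original thread or from any VPN product. It parses Linux `ip route` output for two constructed routing tables (the interface name `tun0`, the addresses and the 0.0.0.0/1 + 128.0.0.0/1 pair, which is how some clients override the default route without deleting it, are all assumptions for illustration) and classifies the tunnel by longest-prefix match.

```python
import ipaddress

# Constructed `ip route` output for a full-tunnel client. Not taken from the
# original post. tun0 is assumed to be the VPN interface; 203.0.113.10 is the
# VPN server's own public address, pinned to the physical NIC so the tunnel
# packets themselves do not loop back into the tunnel.
FULL_TUNNEL = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.5
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
203.0.113.10 via 192.168.1.1 dev eth0
"""

# Constructed output for a split-tunnel client: only the corporate 10.0.0.0/16
# and the tunnel's own subnet go via tun0; the default route stays on eth0.
SPLIT_TUNNEL = """\
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.0.0.0/16 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.5
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.50
203.0.113.10 via 192.168.1.1 dev eth0
"""


def parse_routes(text):
    """Return (network, interface) tuples from `ip route` output.

    Lines without a `dev` field (blackhole/unreachable entries) are skipped.
    Metrics are ignored, so equal-length prefixes on different interfaces are
    not disambiguated; that is enough for the full-vs-split question.
    """
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(dest, strict=False)
        dev = fields[fields.index("dev") + 1]
        routes.append((net, dev))
    return routes


def egress_interface(routes, dst):
    """Longest-prefix match: the interface a packet to dst would leave on."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, dev in routes:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None


def classify_tunnel(text, tun_dev, probe="198.51.100.7"):
    """Classify the VPN from its routing table.

    Returns ('full', nets) if traffic to an arbitrary public address (probe,
    a documentation-range address chosen for the example) would leave via the
    tunnel, ('split', nets) if only specific prefixes do, and ('none', [])
    if nothing is routed through tun_dev. nets lists the prefixes via tun_dev.
    The probe-based check catches both a replaced default route and the
    0.0.0.0/1 + 128.0.0.0/1 override, since one of those halves always
    covers the probe with a longer prefix than the /0 default.
    """
    routes = parse_routes(text)
    via_tunnel = [net for net, dev in routes if dev == tun_dev]
    if not via_tunnel:
        return "none", []
    if egress_interface(routes, probe) == tun_dev:
        return "full", via_tunnel
    return "split", via_tunnel


if __name__ == "__main__":
    for name, table in (("full-tunnel table", FULL_TUNNEL),
                        ("split-tunnel table", SPLIT_TUNNEL)):
        kind, nets = classify_tunnel(table, "tun0")
        print(f"{name}: {kind}; prefixes via tun0: {[str(n) for n in nets]}")
```

To run this against a real client, replace the constructed tables with the output of `ip route` (on Windows, `route print` uses a different layout and would need its own parser). A "full" result explains the observation that an IP-lookup site reports the corporate address: web traffic really is leaving from the corporate side. A "split" result means port 80 traffic never enters the tunnel. Note that the routing table only tells you where traffic goes, not how the corporate filter treats it once it arrives; a different filtering policy for VPN-sourced traffic, as the reply above describes, is a server-side decision that is invisible from the client.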