Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: VPN

VPN 9 years 3 months ago #22824

If a person uses VPN connection to access his company's network.Also he has a linksys router at home where there are 4 other people who get connected to the internet using the same router. If while configuring a VPN client on a remote user's computer one leaves the internet connection sharing enabled then what are the implications of this.Will the other users connected to the same router at home can access the company's website? answer needed ASAP
In God we trust but for everything else we need data
The administrator has disabled public write access.

Re: VPN 9 years 3 months ago #22825

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
I don't know for definate but I would guess at yes. The Internet Connection Sharing will allow the machine to be used to proxy internet traffic through it, if the VPN is connected, then the traffic may be able to route through that machine to the corporate network.

Its not something i have tested so i cannot be 100% but it sounds plausable.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

VPN 9 years 3 months ago #22826

I need to give this information to a trainee and it has to be 100% correct. The only problem is that we dont have labs around here.
In God we trust but for everything else we need data
The administrator has disabled public write access.

Re: VPN 9 years 3 months ago #22830

  • toddwoo
  • toddwoo's Avatar
  • Offline
  • Distinguished Member
  • Posts: 173
  • Karma: 0
ICS Can share a VNP connection to other machines. Thats 100% sure. BUT.. its all in the configuration of the network, the server machine, the clients and the VPN. There is no 100% answer thats right all the time.

BUT i'm not sure I understand what your asking...

If the linksys router is sharing the internet connection between all the home users.. Then your OK.
BUT.
If one of the PC's is using Internet Connection sharing to share the connection there is a potential problem.

Easiest solution. make sure all the "home" users have there own IP address on the "home" network Then only the 1 with the VPN set up on his computer will have access.. Just get rid of MS Internet Connection Sharing all together.. there is no reason to use it if you have a router...( at least none I can think of)
The administrator has disabled public write access.

vpn 9 years 3 months ago #22834

The answer which you gave me was the one I was looking for. I would appreciate if you can give me a proper explanation based on the following scenarios:-

Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?

Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?
In God we trust but for everything else we need data
The administrator has disabled public write access.

Re: vpn 9 years 3 months ago #22842

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?

I am not 100% sure on this one. The thing here is (not really played with ICS so others may be able to correct this), do you not need 2 NICs in order to setup ICS ? Your machine with the VPN software installed will have a single NIC that is on the same subnet as the other machines, I am not convinced that ICS will work because it needs to NAT traffic from one address to the other address (unless by the comment "With Built in Modem" you mean that it has a dail-up connection also in order to do the VPN).
Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?

I would suspect that in this one, yes it would, the traffic would get routed through the machine and depending on split-tunnelling, they will go down the VPN or if its resources on the Internet, it may just get routed over the Internet via the ISP.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.084 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup