Re: Split Tunneling in the Windows VPN Client???



Why (and how) would you send local traffic through the tunnel? Local
traffic is sent "on the wire" using hardware addressing.

Whether local traffic should be blocked when the VPN is up is another
question altogether. I can't see any point in doing so myself.

Daniel Bartlett wrote:
> Is there any way to tunnel ALL network packets through an established
> VPN connection??? Checking the "Use default gateway on the remote
> network" option tunnels all remote traffic through the tunnel but as
> stated in the description of this check box, it states "data that
> cannot be sent on the local network is forwarded to the dial-up
> network". This implies that "local network" traffic does not get
> pushed through the tunnel (causing a DNS resolution issue in my case
> but irrelevant to this question!)
>
> I think this is a security flaw that should be addressed by Microsoft
> as it is still a form of split tunneling. This setting implies that
> I can still communicate with devices on my home network (local) while
> having a VPN connection established. This potentially allows someone
> on the internal network to hijack my workstation while I am connected to
> the VPN. This is in my mind NOT disabling split tunneling.
>
> Cisco's VPN client implementation does enforce no split tunneling by
> forwarding ALL packets through the tunnel including any packet that
> would normally be destined for a local network. This can confuse end
> users because when connected to the VPN, they cannot even see
> anything on their home network. However, this is truly disabling
> split tunneling and should be the way it works.
>
> I am surprised the Microsoft client would allow this and I suspect
> that there may be a registry setting to forward ALL packets through
> an established tunnel and truly disable split tunneling but I have
> been unsuccessful at finding it. Any help or valid workaround would
> be greatly appreciated.
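
Added example, not part of the original thread: a simplified model of longest-prefix-match route selection, showing why the on-link subnet route still wins for local destinations when the VPN holds the preferred default route. The routing table, interface labels and metrics are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    prefix: str      # destination network in CIDR form
    interface: str   # constructed label: "lan" or "vpn"
    metric: int      # lower is preferred among equally specific routes


# Constructed table: home LAN 192.168.1.0/24, VPN connected with
# "Use default gateway on the remote network" checked.
ROUTES = [
    Route("0.0.0.0/0", "vpn", 1),          # default route pushed by the VPN
    Route("0.0.0.0/0", "lan", 4256),       # original default route, now demoted
    Route("192.168.1.0/24", "lan", 4256),  # on-link route for the local subnet
]


def select_route(dst: str, routes=ROUTES) -> Optional[Route]:
    """Pick the most specific matching route; break ties on the lower metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in ipaddress.ip_network(r.prefix)]
    if not matches:
        return None
    return min(
        matches,
        key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen, r.metric),
    )


def bypassing_prefixes(routes=ROUTES, tunnel: str = "vpn") -> list:
    """List non-default prefixes whose traffic leaves outside the tunnel."""
    found = []
    for r in routes:
        net = ipaddress.ip_network(r.prefix)
        if net.prefixlen == 0 or r.interface == tunnel:
            continue
        if select_route(str(net.network_address), routes).interface != tunnel:
            found.append(r.prefix)
    return sorted(found)


if __name__ == "__main__":
    for dst in ("192.168.1.20", "8.8.8.8"):
        print(dst, "->", select_route(dst).interface)
    print("outside tunnel:", bypassing_prefixes())
```

Running the same kind of check against the output of `route print` on a connected client shows which local prefixes remain reachable outside the tunnel.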

