02-05-2013 07:29 AM
Hi
I am running Windows Server 2012 Standard on a VM (VMWare Player 8), on a Win 7 Ultimate host.
My VM is using a NAT configuration to provide internetg access from the host. This works fine until I connect to my employer's network using the Cisco VPN Client version 5.0.07.0440 (running on the win2012 VM). Although I then get access to my employers network I loose internet access on my VM.
Could any please tell me how I can prevent the internet connection from being dropped?
Thanks
Rob.
02-05-2013 08:17 AM
Hi,
I would seem to me that if you are using a Cisco VPN Client (AnyConnect or old IPsec client) to your company network and loose internet connectivity that the reason for this is that the VPN Client connections is configured as "Full Tunnel" and the configurations on the VPN device are done so that it doesnt allow the traffic to Internet but only to the company network.
When you have the VPN Client connection active, try to open the Statistics or Advanced menu (depending on the Client software) and find the routing section of the that window. If the Client says something like "0.0.0.0 0.0.0.0" it means that all traffic from the VPN Client computer is forwarded to the VPN connection and no traffic heads out of your local Internet connection.
For Internet connections to work at the same time, either the VPN Client profile configurations need to be changed at the central site to allow connectivity to the Internet or the VPN Client connection type needs to be changed to "Split Tunnel" which would only forward traffic destined to your company network to the VPN and rest would use your local Internet connection.
Hopefully I made any sense
- Jouni
02-05-2013 11:06 AM
Hi Jouni, thank you for your reply.
When I view the "Route Details" table of the VPN client I can see that "Lacal LAN Routes" pane is blank. The "Secured Routes" pane lists one entry: Network=0.0.0.0 Subnet Mask=0.0.0.0.
Is there any change I can make that client to enable concurrent internet access from the VM, or is this something that must be done by the central VPN administrator?
Thanks, Rob.
02-05-2013 11:20 AM
Hi,
So seems the VPN Client connection you are using is "Full Tunnel" type. This means all traffic will get forwarded to the central/company site.
So enable Internet traffic while using the VPN Client connection you will need to either
I dont think there is much chances to accomplish this otherwise. The central side devices the VPN policy
Even though not a solution, in my work laptop I use a separate Virtual XP machine to sometimes initiate VPN Client connections which leaves my actual computer free to connect as it wants. Though this is mostly used by me to test VPN Connections and troubleshoot customer VPN problems.
- Jouni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide