[windows2000] Re: Two NICs & two networks

  • From: "Sullivan, Glenn" <GSullivan@xxxxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Mon, 4 Oct 2004 08:08:39 -0400

Ray,

You are going to have to get the VPN admin to turn on "Allow Split
Tunneling" on the concentrator, or you will never get it to work.

I hope he either likes you, or is a security-wise troll, because
otherwise you'll have a tough time getting him to do it... I DO like
you, but I still wouldn't do it for you...

Think of this: your machine gets compromised by some sort of
trojan/rootkit that allows someone to grab control remotely.  And you
check "Save Password" on your dial-up settings... BAM! Remote compromise
of the company network.

At least, with split tunneling turned off, once the remote-controller
initiated the VPN concentrator, he gets disconnected...

HTH, 


Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Ray at home
Posted At: Monday, October 04, 2004 7:51 AM
Posted To: Windows 2000
Conversation: [windows2000] Re: Two NICs & two networks
Subject: [windows2000] Re: Two NICs & two networks


 

> -----Original Message-----
> From: Spriggs Jon
>
> As I recall, in the options, there should be a tick box for "Allow 
> Local LAN access"... But I don't exactly know which Cisco dialer I've 
> got, compared to yours. Having said that, I've connected to my 
> machines at home without any difficulty while I've been VPN'd into 
> work, and my "Allow local lan access"
> is turned off. Hmmmm.

Sure enough, there is a "allow local LAN access" checkbox.  I just
checked that and connected, but was still unable to access any of the
192.168.0.* computers (the ones on my home network).  I at least have
something a little more specific to Google now.  Thanks.
> 
> Are you able to change IP addresses of machines at home without too 
> much bother? It may be worth changing your home range to 10.x.x.x?

I was thinking about changing them all to 192.168.1.*, but then I was
afraid that if I successfully got my computer to someday be a "bridge"
between the two networks, my home computers wouldn't start having IP
conflicts with computer's at work.  :]

 
> Have you tried pinging a machine on your local network? Do you get a 
> response? If not, what's the error message you're getting?

That I had tried, and just got a normal timeout.

Ray at home


********************************************************
This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check
out our games to relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts: