I would hope he would be able to understand it. ;)

Typically it is done host side because, when you build the connection,
routing tables are passed down (should be) to your computer.  They probably
just went the easy way out and set th default route to the VPN interface,
whereas the IP addresses for their network should only be attributed to your
VPN.

Ok ... basic routing example

Ok, say the initial default gateway, given from your cable company, is
60.61.50.51.  Your computer knows to send all network packets that doin't
have a specific rule for them, to that address.  That is the address fo a
rotuer and then it finds out where to properly route the packets.

Now, you create your VPN.  You get a virtual network card created.  The
computer you conencted to is a router as well.  Say it is 10.11.8.9.

Also, let's say your company uses the ip address 10.10.10.20 for the iSeries
machine.

When connected to the VPN, it should drop a routing entry to your computer
that says "route all packets for 10.10.10.20 to the router at 10.11.8.9".

So now, if a packet is destined for the iSeries, it goes over the VPN,
otehrwise it goes over the cable modem.

----- Original Message ----- 
From: "Dan Bale" <dbale@xxxxxxxxxxxxx>
To: "PC Technical Discussion for iSeries Users" <pctech@xxxxxxxxxxxx>
Sent: Wednesday, August 04, 2004 3:54 PM
Subject: RE: [PCTECH] VPN questions


> > -----Original Message-----
> > From: pctech-bounces@xxxxxxxxxxxx / Adam Lang
> > Sent: Wednesday, August 04, 2004 3:34 PM
> >
> > When you say surf the Internet, you mean through your home connection,
> > right?  That is not the fault of VPN, it is the fault of faulty routing
> > tables your company is passing onto you.  They should have it setup
where
> > data for their specific network goes over the VPN and everything else
goes
> > over your cable modem.
>
> Is that done on the client side (home PC) or on the host side?  If I show
> your response to the network admin, is this something he should be able to
> understand?  Could have it been done deliberately for "more security" or
> somesuch?
>
> > As for the restrictions to the rest of their network, that is a security
> > implementation put in place by your company.
>
> I mentioned the restrictions because I was trying to point out that I
> wouldn't be able to surf the web from work.  I currently have no need to
> access the other parts of our network from home.
>
> Thanks again,
> db


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.