LAN access gone when I connect to VPN

You need to talk to your company's IT department whether company policy can be changed to allow you to access your local LAN. That's if your IT department has done this intentionally.

I assume many corporate enterprise VPN concentrators/endpoints work like Cisco's. In the Cisco world, by default, your local LAN connection is turned off by default. This security policy is pushed down to your VPN client so there is no way you can change the behavior locally. To allow local LAN access, a check mark needs to be set on your connection profile at the VPN endpoint. Also if you want to access the internet through your local ISP connection while still being connected to the corporate network, you have to get split LAN tunneling enabled. The reason for these measures is to ensure there is no back door into the corporate network and is done for security reasons.

I guess I'm stuck then (I know they will not change their policy or make an exception! lol!). I guess I was hoping there was some way to configure my PC to conect to two networks at the same time.
So, (thinking aloud) why do motherboards offer two LAN ports (if they don't offer teaming or any other obvious benefits) - just as a backup?? lol!
Thanks for your help though. I appreciate it.

Technically there is a work around, purchase a network card, about $10, another ethernet cable and setup new nic for home network and leave other for VPN. It will work and can still do both at same time without disconnecting VPN

That would be awesome! I just don't know how to configure it. I connect to the VPN using my wireless card, so I have the ethernet port free. How do I make the Print commands from my PC go to my ethernet port?

OK here goes, several things would have to change, leave the wireless for your VPN, using a laptop if correct, you have wireless router, plug the laptop into router with cable for home network, then you should setup everything to automatic for easier connectivity (printer and home network), this way the router assigns all the IP's on the network including network printer, then share the printer and the files you want, If you go Static IP (business line???) then youhave to set the static IP up in your local area connection in the network connections in control panel. Right click on local area connection, left click on properties, highlight "Internet protocol" (TCP/IP) and choose properties, choose setup manually and enter your static IP for that network, do the same for DNS if necessary. HIt ok and reboot PC. But this is more complexe of a setup. Your best bet is to go automatic and let the router do the work. Less hassles and less network issues.

rattman169, thank you for your suggestion!
I actually tried this (DHCP enabled on router - automatic detection for TCP/IP settings on notebook), but the problem is that when I am connected on the VPN (using wireless) and am on outlook and try to print, the printer is not detected. The moment I connect to the VPN, I cannot ping anything on my LAN except my gateway (wireless router)
(I tried this with my firewall disabled)

Split tunneling is/has disabled.

and split tunneling would need to be enabled by the IT dept that supports the VPN concentrators? (or can it be enabled on my PC?)

I see the problem, your outlook is setup for work, probably on an microsoft exchange server, the problem here is you are trying to print from them exchange server which is dedicated to the company and your home network printer is not part of the exchange server. There is a work around but I am not completely knowledgable with exchange.

Hi Buddy,

If Cisco VPN concentrator is there in your network then without enabling Split tunneling you still connect to both the network .here is the available link for this which you check and do to do it .

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/p...


cheers friend
Yogesh

Oh wow! This is an ooooold thread!  
Thank you for your response Yogesh. I've since moved to a different company where this problem is not there - I've bookmarked this site for future though.

Thanks again  

I am using Juniper Networks vpn 7.1.0.20169 with laptop's WiFi.
is there any way to use local LAN for local access and printing while connected to vpn.

Normally, maintaining access to your local network shouldn't be a problem. All a VPN does is create a secondary network that (under the covers) runs over the existing network connection (think of it as a virtual network adapter). From the perspective of the OS, it's just another network adapter/connection to another network. And you can have as many different network adapters/connections as you like. The OS decides which network adapter/connection applies based on the IP address.

That said, one complication that can occur is if the remote network is using the same network as your network (e.g., 192.168.1.x). Routing is now ambiguous. Which network should be used to access the device @ 192.168.1.100, local or remote? That's why it's vital that each side of the VPN use DIFFERENT networks (e.g., 192.168.1.x and 192.168.2.x).

I suppose too, if the VPN provides its own VPN client, that client might have issues, or be improperly (intentionally?) designed to force all traffic over the VPN, regardless whether it's actually local or not. Maybe it even makes sense in some cases from a security perspective (e.g., no chance for making an errant network broadcast on an open wifi system). Perhaps it's configurable w/ the VPN client? FWIW, I can confirm that using the Microsoft VPN client w/ PPTP doesn’t exhibit these problems. You may simply have to consider another VPN provider if indeed its their own VPN client that's the problem.