Sign in with
Sign up | Sign in
Your question

Work proxy bypass on home network

Last response: in Networking
Share
August 23, 2012 2:44:26 PM

Hello, I have a question; When I'm at work, I have internet (though a proxy) and remote access to the linux computers at work (the work laptop runs win 7)

when I have to work at home, the work VPN that we were given has no internet access but I can connect to the remote linux computer that I need just fine.

the linux computer has no internet access and more often than not is missing modules and dependencies.

my question is: (long winded I know, :-)

Is there a way to enable my home wifi network and the VPN so that the work computer can access the internet locally while I'm working? just one browser is all I need....
I currently have to disable the vpn, download my modules and then connect, to install them. which isn't really that practical especially when you have dependencies... any help would be appreciated!

Thanks in advance!
August 23, 2012 3:09:53 PM

You can't make the linux machine use the proxy ?

If the IT guys are smart it will be impossible to access the internet locally when you have the vpn up. This is the split tunnel problem...which you can seach if you need details.

The only way to get around this is run a second machine. If you are lucky you can run a virtual machine with a small OS that pretty much just runs the browser. Some VPN clients lock the stack down so hard that does not work. Then you must run the VPN inside the virtual machine and use the real machine to access stuff.

Other option is if you leave your work laptop at work can you remote desktop your work laptop over the VPN.
August 23, 2012 3:23:54 PM

What your VPN client is doing is changing your default gateway to the VPN server, thus all attempts to access the internet are directed over the VPN and go nowhere. But most VPN clients should allow you to configure this option so it doesn’t do this. So the first thing I would do is find that configuration option (e.g., w/ Microsoft PPTP VPN, it's under the TCP/IP configuration, Advanced options).

But when it comes to third-party VPN clients, there’s no telling whether they offer this option, or if provided by the employer, if it might even be locked down to work this way.

If you can’t find the option, and assuming the VPN client isn't so evil as to lock down the routing tables, you should be able to undo the change of default gateway made by the VPN manually, using the route command from a DOS prompt.

route delete 0.0.0.0
route add 0.0.0.0 mask 0.0.0.0 192.168.1.1

The first command deletes the current default gateway, the second adds back your router as the default gateway (of course, if your router’s IP is different, change it accordingly).

Note, this isn’t permanent. It will only last until you reboot. You would need to do this each time you start the VPN.

Or else, as bill001g suggests, using a VM to create two independent environments, one w/ the VPN, one w/o.
Related resources
August 23, 2012 3:45:25 PM

Most the commercial VPN clients I have used immediately drop the VPN session as soon as you enter any ROUTE ADD or DELETE command.
I deal with this all the time, our users want to print to their local network printer when working from home...pretty reasonable request.
So far the only solution other than disabling the split tunnel is to tell them to run a USB cable to the printer...which they don't like much.
August 23, 2012 3:53:54 PM

bill001g said:
Most the commercial VPN clients I have used immediately drop the VPN session as soon as you enter any ROUTE ADD or DELETE command.
I deal with this all the time, our users want to print to their local network printer when working from home...pretty reasonable request.
So far the only solution other than disabling the split tunnel is to tell them to run a USB cable to the printer...which they don't like much.


Good information, I figured as much. But if it's just a MS PPTP VPN, it will definitely work. Third parties more questionable.
August 24, 2012 8:15:00 AM

Wow, I didn't expect so many replies. Thanks guys! Luckily I'm using a windows VPN, and using @bill001g and @eibgrad's posts I found more info on the split tunnel problem. this link on how to enable it on the vpn worked perfectly for me so I'll include it for anyone else.
http://www.isaserver.org/tutorials/vpn_client_security_...

"Other option is if you leave your work laptop at work can you remote desktop your work laptop over the VPN."
I hadn't thought of that before, but thats a great workaround.

Thanks again everyone! (Now how do I mark this Q as answered?)
!