Virtual Private Networking → How to Manage Two Network Connections - Public and VPN

Hello All,

Thank you for this forum, it is a great resource.

My question has to do with managing VPN traffic. I recently joined a company that has a corporate VPN for file sharing. I have high speed FIOS (50/35) and my office laptop is wired (over Netgear Power-over-AC, working well).

When I connect to the VPN, that takes priority for all subsequent traffic it looks like, which slows me to a crawl. Is there a way to set an effective priority or sequence for selecting the network adaptor? For example, I'd want it to use the VPN last. Or is there a way to associate some processes or domains to the VPN adaptor and have all other traffic mostly web traffic go to my publicly facing adaptor? I do have to use some websites over the VPN so it is not a clean as saying file system access (via Active Directory) vs. web traffic...

Thanks for your help!

Mark

Couple of questions. What is the VPN client you're using?

Is this "slowness" happening on just your PC or is it also affecting other users in your home?

If the slowness is only affecting your PC, then there probably isn't much you can do about it. Your VPN client is not allowing for a "split tunnel", in which case all of your internet destinations are tunneled through the VPN connection.

It's important realize that your company’s VPN doesn’t support split tunneling probably because THEY WANT IT THAY WAY, for security reasons. IOW, it’s not a mistake or mis-configuration, and to do otherwise could be considered a violation of company policy. The purpose is to limit the exposure of the company network from your own internet gateway.

When this is the case, your only option is to use another machine (because it will have its own, unaltered routing tables). TIP: Nothing says that machine couldn’t be a virtual machine.

Yes, most sane companies will make sure ALL traffic goes through their firewalls if anyone is accessing their network.

It is possible to do otherwise, but the company is not safe if you have access to them and directly to the internet.

Be happy your company is protecting their data (and your livelihood) so diligently.

Thank you for the replies. I definitely respect the security concerns and did not understand that we were looking at a binary situation using two network adaptors simultaneously.

I like the Virtual machine idea! Any suggestions?

Regards and thanks again,

Mark

Pretty eibgrad and jimbopalmer got it in one as to why all traffic is slow / being forced back to
the corporate office for inspection / policy-enforcement.

Still didn't answer aguen 's question HOW you're connecting back -- did they issue you a company laptop
wih VPN software? Did they issue you a "home router" that you "just dropped in on your home network connection?"
If the former, I'd just use the office computer for WORK-only and stick to internet browsing on your home computer.

My 00000010bits.

Regards