 |  |  |  |  |  |  |  |
VPN from home
Thread Solved |
Hi, I work from home and with a wireless router had my g/fs and my own personal computer connected wirelessly and with my work computer connected into the router via Ethernet cable. I then used Win Xp VPN to connect to the company network.
Now they have sent me a 2nd router, which is not wireless. I now wire router #1 (the one they sent) to the modem and the work computer connects to router #1. Router #2 (wireless) also connects to router #1 and the personal computers connect to router #2. They set up a VPN ipsec tunnel to the company network integrated into router #1.
My question is: Can they pick up traffic from my personal computers which are wirelessly connected to router #2? I notice I can type in one of the company server local IP addresses (i.e., 192.XXX) on my personal computer and get the page that would be otherwise inaccessible.
Now they have sent me a 2nd router, which is not wireless. I now wire router #1 (the one they sent) to the modem and the work computer connects to router #1. Router #2 (wireless) also connects to router #1 and the personal computers connect to router #2. They set up a VPN ipsec tunnel to the company network integrated into router #1.
My question is: Can they pick up traffic from my personal computers which are wirelessly connected to router #2? I notice I can type in one of the company server local IP addresses (i.e., 192.XXX) on my personal computer and get the page that would be otherwise inaccessible.
Last edited by Shiggity; May 27th, 2008 at 7:04 pm.
•
•
Join Date: Oct 2006
Posts: 1,294
Reputation: 
Solved Threads: 96
•
•
•
•
Originally Posted by Shiggity 
Hi, I work from home and with a wireless router had my g/fs and my own personal computer connected wirelessly and with my work computer connected into the router via Ethernet cable. I then used Win Xp VPN to connect to the company network.
Now they have sent me a 2nd router, which is not wireless. I now wire router #1 (the one they sent) to the modem and the work computer connects to router #1. Router #2 (wireless) also connects to router #1 and the personal computers connect to router #2. They set up a VPN ipsec tunnel to the company network integrated into router #1.
My question is: Can they pick up traffic from my personal computers which are wirelessly connected to router #2? I notice I can type in one of the company server local IP addresses (i.e., 192.XXX) on my personal computer and get the page that would be otherwise inaccessible.
Not enough information to fully answer your question.
Currently your Wireless Network is routing through your router handling the IPsec tunnel, hence the reason you are able to see everything on the Inside of your Company Network.
If your company has configured the Router #1 to use their internal DNS and they have the appropriate security enabled, then YES they could monitor all traffic from your "Home" going through Router #1 from Router #2. They would not be able to see the specific machine on the inside of Router #2 unless they themselves programmed the access. For instance, if you are connecting a Linksys wireless router (Router #2) to a Cisco 1705 router (Router #1) all they can see is the outside IP of the Linksys.
If they are not handling your DNS and instead using a NAT command with the IPsec to connect to the internal network, then no you are routing through your ISP's DNS server.
If your goal is to separate your Home & Work networks, the better option would be to go through your ISP and see if it is possible to add a second Dynamic IP to your service. If you currently have a Static IP for your Work Router, request a second Static IP. Purchase yourself a 4-Port workstation switch, and connect it to your modem. Then connect Router #1 & Router #2 to the switch (parallel), instead of through one another (series).
PLEASE NOTE: If your IP is currently Static, confirm that your ISP keeps that IP. Otherwise you may need to have your Router #1 reprogrammed. Also, if you have programmed any static routes in Router #2 you will need to set it back to DHCP, or set to the Static IP given by your ISP.
Currently your Wireless Network is routing through your router handling the IPsec tunnel, hence the reason you are able to see everything on the Inside of your Company Network.
If your company has configured the Router #1 to use their internal DNS and they have the appropriate security enabled, then YES they could monitor all traffic from your "Home" going through Router #1 from Router #2. They would not be able to see the specific machine on the inside of Router #2 unless they themselves programmed the access. For instance, if you are connecting a Linksys wireless router (Router #2) to a Cisco 1705 router (Router #1) all they can see is the outside IP of the Linksys.
If they are not handling your DNS and instead using a NAT command with the IPsec to connect to the internal network, then no you are routing through your ISP's DNS server.
If your goal is to separate your Home & Work networks, the better option would be to go through your ISP and see if it is possible to add a second Dynamic IP to your service. If you currently have a Static IP for your Work Router, request a second Static IP. Purchase yourself a 4-Port workstation switch, and connect it to your modem. Then connect Router #1 & Router #2 to the switch (parallel), instead of through one another (series).
PLEASE NOTE: If your IP is currently Static, confirm that your ISP keeps that IP. Otherwise you may need to have your Router #1 reprogrammed. Also, if you have programmed any static routes in Router #2 you will need to set it back to DHCP, or set to the Static IP given by your ISP.
Thanks,
Wes
Wes
Not sure if they are handling DNS or not...when I go to whatismyipaddress.com I get the address assigned by my ISP rather than theirs.
Looks also like when I type ipconfig /all I get my own ISP's DNS servers. Does this mean I am secured here? I don't want to pay extra for two static IPs if I don't have to. Thanks for the reply by the way.
•
•
•
•
Originally Posted by Shiggity
Looks also like when I type ipconfig /all I get my own ISP's DNS servers. Does this mean I am secured here? I don't want to pay extra for two static IPs if I don't have to. Thanks for the reply by the way.
If you are getting your ISP's DNS then you should be fine as you are. It means that your internet traffic is being handled by your ISP, not your company.
Thanks,
Wes
Wes
 |
Similar Threads
- Setting Up a VPN (Networking Hardware Configuration)
- Can´t make JDBC connection to MS SQL from home? (MS SQL)
- Wireless connection keeps dropping from vpn to Terminal Server.... (Networking Hardware Configuration)
- Can't get VPN to work (Windows NT / 2000 / XP)
- Computer Access throught Internet (Networking Hardware Configuration)
- Removal of Home Search Assistent (Viruses, Spyware and other Nasties)
- Print Server / VPN (Networking Hardware Configuration)
- How to Enable ICS on a Home or Small Office Network Connection in Windows XP (Windows tips 'n' tweaks)
Other Threads in the Network Security Forum
- Previous Thread: CA Could Ride Data Security Coat Tails to Higher Stock Price
- Next Thread: WPA-PSK cracking
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
2008 adobe advice antivirus apple banking blackhat botnet browser business china confidentiality crack crime cybercrime daniweb data database dataloss dataprotection development email emailretention encryption europe exploit facebook fail firefox flash forensic fraud gadget gartner google government hack hacker hacking hardware homelandsecurity idtheft information internet iphone kaspersky koobface law linux malware mcafee mckinnon microsoft military mobile music nasa nationalsecurity network networks news obama password passwords pentagon phishing phone php politics privacy report research review sans satnav scam school search security skype socialnetworking software softwaredevelopment spam sqlinjection survey symantec terrorism terrorist theft trends trojan twitter uk usb virus vulnerability web worm yahoo
