Maybe to you, but it is correct. :) If you connect remotely you have to login first. How are all those other sites suppose to login? Remember we are talking about remotely connecting not being part of the network to begin with. I also said that the tunnel was the VPN's not yours. Connecting to the VPN from outside requires you to ask to connect. If you don't there is no tunnel no connection. The only traffic that goes through the tunnel is traffic that goes through that specific connection.
Yes it does. This is about remotely connecting. If you are within the network not remotely connected then protection/permissions are different.
No, traffic is routed through the tunnel if it matches the netmask for the tunnel.
It has nothing to do with tabs...
You keep talking about a split tunnel while the OP keeps asking about a full tunnel.
Q: "I want to get a dog." A: "What kind of cat do you want?"
Char Jackson wrote, on Sat, 06 Sep 2014 12:03:29 -0500:
I wouldn't ever consider any other type of VPN than "full". I had never even heard of this half-VPN stuff until this thread. This half-vpn stuff is never what I have been talking about.
For some reason, *everything* you say, I can not only understand, but I agree with.
I understand everything you said above, but just to be clear, I was never talking about roll-your-own tunnels.
I didn't understand a thing in that paragraph either.
Well, the OP keeps telling us to assume it's a full tunnel VPN, and you keep doing one of two things:
Only *IF* it's a split tunnel, which the OP says it is not.
You're making me wonder if you understand the difference between a split tunnel and a full tunnel.
Because the VPN was setup to protect it's own/the company's network not you. If you are within the network, not remotely connect for a period of time, then the VPN is protecting the network by controlling what you can cannot do at all times. If you are remotely connected then the VPN only has to make sure that the traffic between you and it is protected. The VPN could careless about connections you are making to other places that are not in it's network.
If you are remotely connected to a private VPN you most likely can't go to those sites through the tunnel.
A proxy can give you a fake IP. With that fake IP the ISP doesn't know that it is you.
Why not?
Using a local forward proxy doesn't make any sense. With or without it, your traffic goes out with your real IP address as the source. What have you gained?
Changed from what to what? Most of us only have a single routable IP address.
The proxy, regardless of where it sits, *can't* use the original source IP on its outgoing requests. It *has to* use its own address, otherwise you'll have triangular (asymmetric) routing. You talk to the proxy, the proxy talks to your intended destination, and that server tries to talk back to you directly because the proxy used your address as the source IP? That won't work; the connection will be dropped.
On 09/06/2014 01:51 PM, Char Jackson wrote:
Why would you try to connect to the VPN trough a connection that is not connected to the tunnel. If you send traffic that the netmask doesn't refer to the VPN then it is refuse if a full tunnel or sent through the bypass if a split tunnel. The one that is connecting has no choice as to which type of tunnel is used. If the traffic refers to that VPN and is sent using a different window/tab/browser whatever, than the one that is connected to the VPN, connection, the VPN will never receive it. They are not connected to the tunnel unless they are purposely connected. Just opening them does not connect them. Probably if you send a file from a different program the netmask would tell the computer what connection to send it through without that program being connected. Data is only sent to the VPN if that window/tab being used is the one that has a connection to the VPN. Other connections are not "attached" to the tunnel, unless they are purposely attached, so the VPN would not know about them. If you make a different connection to Google you don't go through that tunnel unless you use the same tab/window that made the connection or make a connection for that tab/window. Then you would probably have to login again at the same time as the other connection if the company would allow that. I don't know of a way to make another connection to an established tunnel, especially from the connecting computer since it has no control over the tunnel.
But he asked us to respond in the context of using a full tunnel VPN, so the answer becomes YES.
But he asked us to respond in the context of using a full tunnel VPN, so the answer becomes YES.
But he asked us to respond in the context of using a full tunnel VPN, so the answer becomes YES.
But he asked us to respond in the context of using a full tunnel VPN, so the answer becomes YES.
You're talking about remotely connecting, or a split tunnel, or a tab-based, browser-based, thing. You're not talking about the same thing that the rest of us are talking about.
Right, and the answer is still no.
You're not alone.
Caver1 is *not* talking about the situation you want to hear about.
Once again, you're not describing a full tunnel VPN. I don't know what you're describing, but it's clearly not that.
I'm sorry, but it really doesn't work that way. I'm trying to keep this focused on what the OP asked about: full tunnel VPN.
It's up to whoever owns the VPN. If it's an employer, you could be right about that. If it's a 3rd party VPN provider, you're almost certainly not right.
Please tell me how a proxy can give you a fake IP. Or at least tell me what you mean by fake IP.
Hint: it can't.
Actually I suspect that there is no such thing as a "split tunnel". there is a tunnel and there is the routing table in your computer which determines which addresses are routed through the tunnel and which not. For example the address of the tunnel server cannot go through the tunnel. It must have its own routing on some conventional route . So all tunnels are split just a bit. The OP has no idea what he has or wants. His routing table shows that he has a "split" tunnel for example.
>
In the above, "your PC" refers to whole entitity, all of the software on your computer. Yes, your left hand may not know what your right hand is doing, but "your" know because your right hand is part of "you". Under that definition you PC knows what it has done with the packet, and whether it has gone down the vpn or not.
Maybe we should start with some basics. A VPN (virtual private network) is a virtual connection between two defined endpoints. We should be talking about a situation where the nearest endpoint is your PC.
Instead, you're apparently talking about a situation where the nearest endpoint is on some remote PC somewhere, and you've accessed it with a web browser. That kind of VPN doesn't make a whole lot of sense to me, and it certainly doesn't apply here, given what the OP is asking about. In fact, I can't say that I've ever seen your kind of VPN.
See what I mean? More browser tab stuff, which completely doesn't apply here.
Not true. It has nothing to do with browsers or tabs.
That's the strangest VPN behavior I've ever seen. Does it exist?
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.