Answer the question
In order to leave comments, you need to log in
Changing IP before connecting to VPN?
The essence of the problem.
There is a VPN for access to work resources.
When it is connected to the PC, the Internet disappears and there is access only to company resources.
VPN connects only from Russian IP addresses.
Accordingly, you need to change my ip before connecting to the VPN (working).
Tried through 1 more VPN but after connecting a worker, my VPN falls off.
os windows.
Working VPN s terra
[Local Policy]
! Local Security Policy IPsecRule structure has optional field named
! CryptoContextsPerIPSecSA defining number of cryptographic contexts
! opened for each IPSec SA built with the IPsecRule. If the field is
! not defined there, number of cryptographic contexts equals the value
! of the DefaultCryptoContextsPerIPSecSA field. Value must be from 1
! to 128.
DefaultCryptoContextsPerIPSecSA = 1
! The time (in seconds) of info from dead connection could be used to
! create a new connections. Value must be from 0 to 2147483647.
DeadConnectionInfoLiveness = 28800
[External Modules]
! VPN driver has possibility to communicate not directly via newwork
! interface but via an additional service.
! Field VPNLinkService must be empty or one of two values:
! "vpnproxy" - this service encapsulates IKE/IPsec traffic into TCP.
! "vpnfirewall" - this service manages IP traffic with own policy.
VPNLinkService = "vpnproxy"
[HTTP]
! TCP port to listen for new http requests
! Default value is 8080
! Valid values are from 0 to 65535
! Value 0 means no listening for http request from outside.
LocalPort = 0
! Local IP address to access http requests from outside when LocalPort is not zero
! Default value is "0.0.0.0" (listen all local addresses)
!LocalIPAddress = "0.0.0.0"
! Buffer to send http packets
! Default value is 500
PacketsPerBuffer = 500
! Internal processing parameter
! Default value is 5; valid values are from 1 to 100
NumThreads = 5
! Used HTTP Header structure:
HeaderPrefix = "HTTP/1.1 200 PUT\r\nContent-Type: application/octet-stream\r\nAccept-Ranges: bytes\r\n"
HeaderTokenLength = "Content-Length: "
HeaderTokenTerm = "\r\n\r\n"
[Internal NAT]
! Default value is 120
MappingTimeout = 120
! Remote TCP port to initiate new session
! A partner SHOULD listen this port by setting same value in HTTP->LocalPort
! Default value is 8080; valid values are from 1 to 65535
DefaultTCPPort = 8080
! Value MUST be equal to NATTLocalPort in LSP
! Default value is 4500
LocalUDPPort = 4500
[VPN Link]
! Buffer for exchange packets with VPN Agent
! Default value is 500
PacketsPerBuffer = 500
Answer the question
In order to leave comments, you need to log in
Accordingly, you need to change my ip before connecting to the VPN (working).No, you need to configure routing for the VPN so that it is used only for the network where the working resources are located, is it possible with s-terra, I don’t know
THERE is a good option - to raise a separate virtual machine with Windows for this
. And in general, I would send nafig Sat - because firstly it does not protect against anything, secondly it's f*** MY PC and if I want an Internet, then it must be
Do VPN on the host, and then connect from
the virtual machine Or let's go to the VPN settings, we'll dig
in the vpn settings, you need to uncheck the use a remote gateway, in this case a simple way to configure routing will work (or rather, not configure it) and is suitable if the company's network is simple (one local network), the resources of the working network will be available only from the machine where the vpn is raised
If the network company is complex, consisting of several subnets, it is enough to write a simple bat file that prescribes the gateway for the subnets of this company to this vpn, since it is simple
route add 10.41.0.0 mask 255.255.0.0 10.27.0.1 metric 7
I don’t know what kind of VPN configs these are, because the author without hesitation believes that everyone should know this, but this is a typical mistake, which consists in the fact that the local car, when connected to the VPN, starts to drive all traffic through the VPN, that side naturally it does not accept and "the Internet is gone". The route needs to be configured accordingly - in Windows, for example, there is a checkmark, which is enabled
by default , and it is its disabling that solves the problem.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question