Question Connecting to VPN cuts local access

Trekker800

Reputable
Sep 17, 2014
I work from home and have 2 PCs connected to my U-Verse router.

My main "work" machine is an HP Z420 desktop, using the motherboard LAN port to connect to my router.

The second PC is an HP ProDesk 400 G3, connected to the router via the motherboard LAN port.

The Work machine is domain joined, and I use a Pulse Secure VPN to connect to my company's network.

The 2nd PC is a Workgroup machine.

I would like to be able to access files on machine #2, but after connecting to the VPN on the Work machine, I cannot access the 2nd PC.

I installed a 2nd NIC in both machines, and connected the 2nd NICs with an Ethernet cable.

Prior to connecting to the VPN, everything is working fine; it's connecting to the VPN that's killing the connection.

How can I keep the 2nd NIC from being controlled by the VPN and allow a connection?
 

boju

Titan
Ambassador
I'm not too experienced with VPNs but have played around with it trying to lan games over the net. What I've found is that when enabling VPN it masks / gives another IP address over the top of your main LAN IP address. I found when VPN is still enabled other computers in the house can't connect to it.

What you could try to do is first disable the VPN so you can get your real LAN IP address. Open a command prompt (type cmd in the start bar), type ipconfig and get the IPv4 and subnet mask addresses. Try manually setting those addresses in the network adapter you want, under Internet Protocol TCP/IPv4. With any luck, when the VPN is turned back on it doesn't still override your local LAN address.
 
This is an issue called split tunnel.

The VPN client is forcing all traffic to go via the VPN tunnel. It is a simple matter of configuring the client to allow the traffic to the local subnet. In general this is considered poor security practice because it allows unknown devices access to the remote network. It ranges from the simple case of a file system that may contain a virus or malware to a more advanced case of someone using something like Internet Connection Sharing to allow a second machine to access the VPN tunnel.

If this was your VPN to, say, a VPN provider, it would be up to you. When it is a company, generally they are the ones that have policies on whether this is allowed. You really should ask the IT department about this. In some cases you can make the changes on the VPN client; in a properly installed company VPN, if an employee tampers with the VPN client to try to allow this, the connection is disconnected. Any change in a client like that needs to be done by the IT department.
 

Trekker800

I did some reading on split tunnel, and I definitely understand the security risk. I'm sure my IT department would not allow this. Is there any way to have the 2nd NIC card NOT be subject to the VPN traffic routing?
 
No, in fact the VPN is actually intentionally overriding the routes that make the second local subnet work.

If they were going to make an exception, it is generally for the local LAN subnet the main NIC is connected to. I know it was extremely common for people to complain that they could not print to the local printer without disconnecting the VPN. Certain well-connected people got an exception, but the company I used to work for had it pretty locked down. The VPN would not even launch unless you had certain virus software running and had the correct patch levels on the machine.

You could try the route command and put the route back for the second NIC, but smart VPN software will close the VPN connection when it detects this.
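
An added illustration, not part of any post in this thread: a small Python model of route selection (longest prefix first, then lowest metric) showing why the cabled second-NIC subnet stops being reached directly once a full-tunnel client is connected. The addresses, interface names and metrics are constructed, and the way the client installs its routes (same prefixes, lower metric) is an assumption, not documented Pulse Secure behaviour.

```python
import ipaddress

# Constructed routing tables as (prefix, interface, metric); not taken from the thread.
BEFORE_VPN = [
    ("0.0.0.0/0",      "NIC1", 25),  # default route via the home router
    ("192.168.1.0/24", "NIC1", 25),  # home LAN, on-link
    ("10.10.10.0/24",  "NIC2", 25),  # direct cable to the second PC, on-link
]
# Assumption: the full-tunnel client re-adds every prefix on its own adapter
# with a lower metric, so the tunnel wins each tie.
AFTER_VPN = BEFORE_VPN + [
    ("0.0.0.0/0",      "VPN", 1),
    ("192.168.1.0/24", "VPN", 1),
    ("10.10.10.0/24",  "VPN", 1),
]

def select_route(table, destination):
    """Pick the route for destination: longest prefix wins, then lowest metric."""
    dest = ipaddress.ip_address(destination)
    candidates = []
    for prefix, iface, metric in table:
        net = ipaddress.ip_network(prefix)
        if dest in net:
            candidates.append((net.prefixlen, -metric, prefix, iface, metric))
    if not candidates:
        return None  # no matching route: destination unreachable
    _, _, prefix, iface, metric = max(candidates)
    return prefix, iface, metric

def tunnelled_prefixes(before, after, tunnel="VPN"):
    """List local (non-default) prefixes whose egress moved to the tunnel."""
    moved = []
    for prefix, iface, _ in before:
        net = ipaddress.ip_network(prefix)
        if net.prefixlen == 0:
            continue  # the default route is expected to move
        probe = str(next(iter(net.hosts())))
        chosen = select_route(after, probe)
        if chosen and chosen[1] == tunnel and iface != tunnel:
            moved.append(prefix)
    return moved

if __name__ == "__main__":
    for name, table in (("before", BEFORE_VPN), ("after", AFTER_VPN)):
        print(name, "-> 10.10.10.2 via", select_route(table, "10.10.10.2"))
    print("moved into tunnel:", tunnelled_prefixes(BEFORE_VPN, AFTER_VPN))
```

On a real machine the equivalent comparison is between the output of `route print` captured before and after the VPN connects.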