Greetings GeeksToGo Experts,
I am so very grateful for these forums! By default, when I set up my VPN to the corp. network, my required security app connects to the company, and is encrypted via PPTP (not intercepted). But I would like to set a Firewall rule, or routing table rule to direct at least one of my browser apps to NEVER use the VPN (so I can check Facebook, do personal email, etc.). I really appreciate any links to tutorials or walk-thrus you can provide. I've done a ton of searching and reading, and most of what I find relates to people who want to block an app from NOT using the VPN (the opposite of what I want to do), or else they discuss split-dns and split-tunnel vpn. I just don't want to disconnect the VPN just to check my personal email or other personal websites, etc. (which as of right now, is going over the corporate network to the internet --- not very good for my privacy).
Thus far, my best guess is to (??) uncheck that VPN config option for 'use remote gateway', then set FW rules specific to the apps. The company email, etc. should be blocked from local network, and required to use VPN, and the browser I use for personal internet activity should be blocked from VPN and allowed for local. Any apps not really specific to company sensitive data or used for personal activity (e.g., sw development testing) can just do whatever they want.
Or else, maybe I could somehow do this with proxy settings inside a Firefox type browser? I'm just not sure how best to do this.
Thank you so much!
Paul Richardson
PS: Below is the info on my personal laptop computer (I have full admin rights):
COMPUTER HARDWARE:
ASUS G73JW ROG-A185F
(Special Edition 16 Gb Ram, Dual Hybrid Drives)
OPERATING SYS:
OS Version: 6.1.7601 SP1 (Win 7 Ultimate)
FIREWALL:
PrivateFirewall v.7.0
(a Free FW installed on my host OS, w/granular rules for apps and processes)
LOCAL (HOST) PROXY APP:
Privoxy ver.3 for Windows
NOTE: I usually disable this when on the VPN
BROWSERS:
Portable FF v.18 (also have local installed version)
Chrome v.24 (installed and port version)
Opera v.12 (installed and port version)
YAPO (Yet Another Port Opera) v.10
Safari for Windows v.5
Dragon v.24
SRWare Iron v.23
VPN CONNECTION:
Win OS built-in VPN (PPTP, w/EAP)
VPN is a PPP connection
SM is 255.255.255.255
My local adapter VPN 'virtual' network interface gets a class 'A' IPv4 address
My VPN IP is in the same subnet as the company
The VPN server does not provide me any IPv6 functionality
============================================================
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : BRAINLESS
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
System Quarantine State . . . . . : Not Restricted
PPP adapter VPN Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VPN Connection
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : X.X.X.X (Preferred) <<< This is a Class A IPv4 address
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : Y.Y.Y.Y <<< This is a Class A IPv4 address for company DNS server #1
z.z.z.z <<< This is a Class A IPv4 address for company DNS server #2
NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wireless Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 6A-5D-60-72-16-13
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 48-5D-60-72-16-13
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a489:286c:482f:f64%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.97(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 27, 2013 16:56:20
Lease Expires . . . . . . . . . . : Sunday, March 09, 2149 16:13:30
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 189291872
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-14-91-5A-BC-AE-C5-16-E6-F4
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : BC-AE-C5-16-E6-F8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 13:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{8A6472C4-F745-4AB9-BB95-64CD6FD84B83}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.hsd1.il.comcast.net.:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{7DAC75A5-F229-4FE6-9A22-26682CC7F086}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
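
Added example, not part of the original post: a simplified model of how IPv4 route selection on this laptop changes when the VPN option the post calls 'use remote gateway' is checked versus unchecked. The home LAN values come from the `ipconfig` output above; the VPN address, PPTP server address, metrics and test destinations are constructed, because the post masks the real ones.

```python
import ipaddress

# Interface labels. The VPN address is a constructed class A sample,
# standing in for the masked X.X.X.X in the post.
WIFI = "Wi-Fi 192.168.0.97"
VPN = "VPN 10.20.30.40"


def build_table(use_remote_gateway):
    """Return a simplified route table as (network, interface, metric).

    Metrics are illustrative values, not taken from the post.
    """
    table = [
        ("192.168.0.0/24", WIFI, 25),    # on-link home LAN
        ("203.0.113.10/32", WIFI, 25),   # host route to the PPTP server (constructed)
        ("10.20.30.40/32", VPN, 20),     # the PPP link itself (mask 255.255.255.255)
    ]
    if use_remote_gateway:
        # Option checked: VPN default route wins over the demoted Wi-Fi default.
        table += [("0.0.0.0/0", VPN, 20), ("0.0.0.0/0", WIFI, 4250)]
    else:
        # Option unchecked: only the classful route for the VPN address
        # goes through the tunnel; the Wi-Fi default route stays preferred.
        table += [("10.0.0.0/8", VPN, 20), ("0.0.0.0/0", WIFI, 25)]
    return [(ipaddress.ip_network(p), i, m) for p, i, m in table]


def pick_interface(table, dest):
    """Longest prefix wins; ties are broken by the lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in table if addr in r[0]]
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))[1]


def route_report(dests):
    """Map each destination to (interface when checked, interface when unchecked)."""
    full, split = build_table(True), build_table(False)
    return {d: (pick_interface(full, d), pick_interface(split, d)) for d in dests}


if __name__ == "__main__":
    # Constructed destinations: a public site, a corporate host, the home router.
    for dest, (checked, unchecked) in route_report(
        ["198.51.100.7", "10.1.2.3", "192.168.0.1"]
    ).items():
        print(f"{dest:15} checked -> {checked:20} unchecked -> {unchecked}")
```

The lookup is keyed on the destination address only, so which application sent the packet plays no part in the routing decision.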