
Laptop Lockdown with VPN and Proxy? - Circumvention Possible?

Status
Not open for further replies.

MarcNJ

Technical User
Jul 31, 2004
17
US
My father has a work laptop from his office that seems to be locked down with VPN and proxies so as not to allow any sort of internet access unless he is first connected to his office network via SecuRemote VPN. We have a wireless network at home and he gets an IP address from it, but beyond that, any sort of internet connectivity requires that he be connected via VPN. Additionally, internal LAN network connectivity (such as shared printers or accessing our router) doesn't seem to work at all. My mother is off her foot due to an operation for several more weeks, and has trouble getting upstairs to use our main house computer, and it's a pain (not to mention slow) for her to consistently connect my father's laptop to his office via VPN every time she wants to check her email or do something else on the Internet. Anyone know any way I can circumvent the lockdown of the computer (at least temporarily) so that it won't interfere with my father getting onto his office network but will also allow regular internet browsing through our home wireless network and DSL connection? I'm sure if anyone is going to help, they'll need some more info, and I'd be more than happy to provide whatever is asked, but I wasn't sure what information would be pertinent so I thought it prudent to wait to see what information is requested. Any help is greatly appreciated!

Thanks,

- marc

p.s. in case anyone's wondering (since it does sort of sound like I'm a 15 yr old trying to hack into my dad's computer...haha...that's not the case), I'm a 24 yr old simply trying to assist my mother with using the laptop in an easier manner for her...she's not very computer savvy and often has problems with the VPN...thanks again!
 
Your Father could just ask at work (could be that they can do it for him as a special case). It could be that his company forbids making changes and he could be risking disciplinary actions for doing so himself.

Anyway...
What Operating System is it?
What VPN client is being used?
What user rights has his login got (admin?)

Check that it is not just a proxy set in Explorer that directs browsing via his work's network.
 
MarkhP,

Thanks for the reply, and sorry for taking so long to get back to you. His company doesn't forbid him from doing this, but his IT department won't really help him out since they say it works the way it is now and they don't have time to try to fix it to work the way he wants it to.

It's definitely not just a proxy set in Explorer since nothing works unless he's connected via VPN, including local printers, other internet programs, etc.

The machine is a Compaq Armada M700 running Windows XP SP1. The VPN Client is Check Point VPN-1 SecureClient NG with Application Intelligence (R54) Build #: 132. My dad's user account on the machine has administrative rights. Any help is greatly appreciated, and please feel free to let me know if any more information is needed!

P.S. I think it must be the VPN client that's causing the problem, although when I attempt to stop it, I still can't gain any internet access. On a newer work machine my father has, stopping the VPN client does allow internet connectivity on my home network without having to go through the VPN.

Thanks again!

- marc
 
This sounds like the VPN client is running in what they call HUB Mode. All traffic is routed via the main site for monitoring/sanitizing. I don't know the checkpoint client software I'm afraid. Is there any configuration that you can get into where you may be able to see an option to disable "hub mode" or change it to another mode setting? Have a look on the drive to see what checkpoint utils are around maybe. I don't want to guess too much in case it scr3ws up the install. Maybe someone else here is experienced with VPN-1 that can assist you? Sorry I can't be more help.
 
I went to look for that HUB mode you were talking about, and found it and turned it off, but even after rebooting it still didn't seem to fix the problem. Here is what I did (along with links to pictures - the black boxes are simply the personal/company info that I've redacted/removed):

1) Right-clicked on the CheckPoint VPN Client system tray icon and chose configure to get the VPN-1 SecureClient configuration screen that you see open in that picture.

2) Highlighted the VPN connection profile and chose Configure Connection Profile from the Tools menu

3) Clicked the advanced button

4) Unchecked the Route all traffic through gateway checkbox under the Hub Mode Configuration section.


I then attempted to ping with no success. I then stopped the VPN Client and once again had no success with my ping. I then rebooted and once again attempted my ping (both with the VPN client running and stopped) and still had no success.

Any other advice or help is greatly appreciated! Thanks!

- marc
 
What about if you untick the login to policy server as well?

(Make a note of current settings first before turning off options in case they aren't recorded in the software when turned on again.)
 
Sorry once more for the long delay in responding. It seems now that my father's newer work machine also doesn't get any internet connectivity on our home network when we shut down the VPN client. I think there is some sort of security policy installed on both machines that only allows internet traffic to go out via the VPN connection...does this sound feasible? If so, I'm assuming there really is no way around this unless we get the IT folks at his office to disable this policy...??
 
Found a few bits you may want to look at.
Right click on the SecuRemote envelope (If you can see this icon?) and select "Stop VPN-1 SecureClient". I think the client is still running after this though.

In task manager, see if the following are running as services:

SR_Service
SR_WatchDog
SR_Gui

If they are, try to 'end task' starting with SR_WatchDog. This is about it from me I guess. You need a response from someone else with Admin experience on Checkpoint. Sorry, Good luck.
 