Fwd: VPN only session.

Alan Johnson alan at datdec.com
Mon Oct 17 13:46:45 EDT 2011 

reply-to-all fail.  Sorry.
_______________
Alan Johnson
alan at datdec.com


---------- Forwarded message ----------
From: Alan Johnson <alan at datdec.com>
Date: Sun, Oct 16, 2011 at 11:38 AM
Subject: Re: VPN only session.
To: Greg Kettmann <greg at kettmann.com>


On Oct 16, 2011 10:14 AM, "Greg Kettmann" <greg at kettmann.com> wrote:

> The problem is that the VPN session randomly drops out.  Basically, I
> start Ubuntu and once it's operational I click on the little up/down
> arrows for network.  I select the VPN and I activate it.  This puts a
> little lock on the up/down arrows and I'm set.  Sometimes the lock drops
> off and I'm sending (or trying to send) in the clear.  Easy enough to
> fix but often a pain to get things back to the proper state.
>
> What I would prefer is to have the VMware session just be connected via
> VPN... no VPN, no connectivity.  If the VPN connection drops out I don't
> want it to fall back down to sending in the clear.  The whole session
> will stop working and I can restart it.  Is that possible?  I've tried
> searching on this, without much luck, but perhaps my search arguments
> are bad.  I'm not married to Ubuntu nor to VMware player.  If some other
> combination is known to work I'd love to hear about it.
>

I don't think there is a way to do that directly in the network config.
Besides, your local connection has to be active to enable connecting to the
VPN anyway.  You could turn off dhcp for your local connection in the vm and
manually configure it without dns servers, then name resolution would only
work if you were connected to your VPN.  Browsers will still cache some
names, but that usually times out pretty quickly.  You'd also want to add
your VPN server to /etc/hosts but that can be annoying if the IP address
changes.  This also won't help if you access much by VPN.

You could also write a cron job to shutdown the local interface when the VPN
is down.  You would have to enable the local interface first by clicking on
it in Network Manager (the "little up/down arrows") before clicking on your
VPN to enable it.  If you post the output of ifconfig while you are
connected to your VPN, I can post the code and tell you where to put it.  We
could even add a bit to try and keep your VPN connection alive if you also
post output of route -n while connected to the VPN.

Have you considered having your windows client only route traffic for your
VPN through the VPN, leaving everything else for the Internet?  Not sure if
that is quite what you are looking for, but it is a common configuration.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/mailman/private/gnhlug-discuss/attachments/20111017/e4735518/attachment.html

More information about the gnhlug-discuss mailing list