MagicJack & VPN

[LikeMagic]

Anyone here has MJ working in a VPN session? There is no settings that you could configure alternate proxy when using MJ with VPN.

[trodecke]

Depending on what VPN you're using and what your company's policies are, it's highly unlikely you'll be able to make something like MJ work while connected to your VPN. To do so would require your VPN to be configured for something called split tunneling, a situation where you can still be connected to the Internet while having your VPN up. Because of the security risks inherent to that configuration most companies don't allow it. Even if your company provided a web proxy for your browser to work when you're connected to you VPN, MJ wouldn't work as it would require a SOCKS proxy as well as MJ being able to be configured for a SOCKS proxy.

[LikeMagic]

I understand all bout VPN/proxy/SOCKS/authentication/etc.

My complain is that MJ does not provide a way for user to set up alternate proxy authentication to be used with VPN. I have several internet apps that provides alternate SOCKS/authentication so they work fine with VPN. Maybe MJ should implement the same. I travel for business and connect via VPN back to my corporate network 24/7, so if the internet app does not work with VPN then it's not as useful for VPN users.

[MagicJacked]

Anyone here has MJ working in a VPN session? There is no settings that you could configure alternate proxy when using MJ with VPN.

I think it depends on the VPN. Some VPNs force all traffic through the VPN and prevent all access to the outside world. Even your own network is not permitted. But for nicer VPNs I think it is just a routing issue. Most VPNs change your default route. If you can correct your default route the MJ might work again, or you could add specfic routes the MJ needs. I have done this for other Internet access with great success.

Another choice I have done is run the VPN from a VMWare session. Then the VPN can do what it wants and your host computer is not affected. I have 2 VPNs going on at the same time using VMWare and it worked great. One was the not nice type that prevented me from accessing my home network and the Internet.

I have not used a VPN since I got my MJ. So I can't be sure of anything above, but I don't see why the MJ would be special.

[trodecke]

One was the not nice type that prevented me from accessing my home network and the Internet.

Hi MagicJacked,

The not nice VPN was configured that way most likely for security. Being a networking person myself I get very concerned when a network I have no control over gains access to my network. If the VPN were configured for split tunneling then anything that could potentially do damage to your computer at home (a child's PC loaded with flash games that also has a relay agent on it from the last gaming site they went to, etc) can also affect my network with potentially much more serious consequences. And I'm one of the less paranoid type network people.

[MagicJacked]

One was the not nice type that prevented me from accessing my home network and the Internet.

Hi MagicJacked,

The not nice VPN was configured that way most likely for security. Being a networking person myself I get very concerned when a network I have no control over gains access to my network. If the VPN were configured for split tunneling then anything that could potentially do damage to your computer at home (a child's PC loaded with flash games that also has a relay agent on it from the last gaming site they went to, etc) can also affect my network with potentially much more serious consequences. And I'm one of the less paranoid type network people.

I know why it was done. I was working from home. The source and compilers were through 1 VPN and the test system was through the "not nice" VPN. I would have needed to use 2 computers and floppies to do my work and transfer files, or use 1 computer and disconnect and reconnect often throughtout the day. Each disconnect would maybe cost me 5 minutes of extra effort. By using VMWare and VMWare's drive sharing I was able to use 1 computer and transfer data quickly. I could be looking at source on 1 system and log/debug data on another at the same time on the same screen.

Oh, the "not nice" people had no idea. They whould have $#!+ if they knew. That was about 3 years ago.

Funny, they disabled ftp so that no-one could transfer data to/from the system. No way I could do my job, but that did not seem to matter to them. But they did not know about scp.

[trodecke]

No way I could do my job, but that did not seem to matter to them.

In many instances they (we) are only implementing what senior management asks for. Unfortunately the higher the security posture the more difficult it tends to be to get one's work done.

But they did not know about scp.

Have you tried WinSCP (http://winscp.net/eng/index.php)? It works well for me.

[MagicJacked]

Have you tried WinSCP (http://winscp.net/eng/index.php)? It works well for me.

Nope, never heard of it. I use pscp on windows.

[trodecke]

Nope, never heard of it. I use pscp on windows.

Putty is good stuff. I use their SSH/Telnet client, especially now that it supports serial connections. WinSCP uses a GUI and is a little more user friendly than a CLI based utility.