
How does openvpn work for only certain servers?

Information Security Asked by relot on November 11, 2021

I got a *.openvpn from work and I monitored the traffic in Wireshark.
On my normal VPN all traffic is routed via the VPN (as expected).

But with this work VPN only the traffic that goes to the work servers uses the OpenVPN protocol.
So I’m wondering how they detect whether certain traffic should be rerouted over the work VPN and which traffic should use the "normal route" over my internet provider.

In the *.openvpn there are the following commands:

nobind
remote xx.xx.com 1194 udp # xx is the work server name
remote xx.xx.com 443 tcp

I guess this remote command checks if certain traffic should be rerouted and if the server name matches it uses the VPN, but how exactly is this done? Does the VPN monitor all DNS requests? How does it get the exact IP address of the work server?

Or to put it more simply: Can my work see my other internet activities (via DNS queries or similar) while the VPN is connected?

One Answer

This is called split-tunneling. It is done by establishing a VPN tunnel to the company but then routing only a specific network range through this tunnel. All other traffic is handled the same way as was done without VPN. Note that the commands you show are unrelated to this split-tunnel setup.

> Or to put it more simply: Can my work see my other internet activities (via DNS queries or similar) while the VPN is connected?

This depends on what your DNS server is. This is not visible from the config you've shown but it might be part of the config. If it is a server where the company has access to the logs then they might also monitor which sites you access.

Answered by Steffen Ullrich on November 11, 2021
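The split-tunnel decision described in the answer, as an added example that is not part of the original answer: it reads OpenVPN `route`, `redirect-gateway` and `dhcp-option DNS` options and reports which destinations go through the tunnel and whether the resolver does. The sample options, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: options as they could appear in a client config or be
# pushed by the server. All addresses are made up for this example.
SAMPLE_OPTIONS = """
nobind
remote xx.xx.com 1194 udp   # only names the VPN endpoint, adds no route
route 10.20.0.0 255.255.0.0
route 192.168.50.10
dhcp-option DNS 10.20.0.53
"""

def parse_options(text):
    """Return (tunnel routes, DNS servers, full_tunnel flag)."""
    routes, dns, full_tunnel = [], [], False
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if not parts:
            continue
        if parts[0] == "route" and len(parts) >= 2:
            # A route without a netmask is a single host route.
            mask = parts[2] if len(parts) >= 3 else "255.255.255.255"
            try:
                routes.append(ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False))
            except ValueError:
                pass  # hostnames and keywords are not handled in this sketch
        elif parts[0] == "redirect-gateway":
            full_tunnel = True  # default route moved into the tunnel
        elif parts[:2] == ["dhcp-option", "DNS"] and len(parts) >= 3:
            dns.append(ipaddress.ip_address(parts[2]))
    return routes, dns, full_tunnel

def path_for(dest, routes, full_tunnel):
    """'vpn' if the destination IP matches a tunnel route, else 'isp'."""
    ip = ipaddress.ip_address(dest)
    return "vpn" if full_tunnel or any(ip in net for net in routes) else "isp"

def dns_goes_through_vpn(dns, routes, full_tunnel):
    """True if a configured resolver is reached via the tunnel, in which
    case the names you look up are visible to whoever runs that resolver."""
    return any(path_for(str(d), routes, full_tunnel) == "vpn" for d in dns)

if __name__ == "__main__":
    routes, dns, full = parse_options(SAMPLE_OPTIONS)
    for dest in ("10.20.3.4", "192.168.50.10", "93.184.216.34"):
        print(dest, "->", path_for(dest, routes, full))
    print("DNS via VPN:", dns_goes_through_vpn(dns, routes, full))
```

Whether a client actually applies `dhcp-option DNS` depends on the platform and client software, so confirm the active resolver on the machine itself.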
