Autolaunch VPN Client

Discussion in 'Cisco' started by JJDC, Jun 25, 2004.

  1. JJDC

    JJDC Guest

    Using VPN Concentrator 3000 with VPN Client 4.0, slit tunneling
    disabled. Would like the VPN client on remote machines to autolaunch
    anytime it detects an internet connection (dial-up, LAN, Wi-fi). Users
    would not be able to control this option. Objective is to ensure that
    all traffic to the laptops passes through our firewalls, so we don't
    have to worry about compromised machines accessing network.

    Alternate solutions: local firewalls on remote machines, static
    internal IPs, any other ideas?
    JJDC, Jun 25, 2004
    #1
    1. Advertising

  2. JJDC

    News Account Guest

    Search for "auto initiation" in the help file.

    Don Woodward


    "JJDC" <> wrote in message
    news:...
    > Using VPN Concentrator 3000 with VPN Client 4.0, slit tunneling
    > disabled. Would like the VPN client on remote machines to autolaunch
    > anytime it detects an internet connection (dial-up, LAN, Wi-fi). Users
    > would not be able to control this option. Objective is to ensure that
    > all traffic to the laptops passes through our firewalls, so we don't
    > have to worry about compromised machines accessing network.
    >
    > Alternate solutions: local firewalls on remote machines, static
    > internal IPs, any other ideas?
    News Account, Jun 25, 2004
    #2
    1. Advertising

  3. JJDC

    JJDC Guest

    I had read that previously, but seemed to only apply to wireless
    connections. I want something to make it mandatory to connect with VPN
    client with any network connection, but still lets the users work in
    an unconnected state...

    "News Account" <> wrote in message news:<xL0Dc.882$>...
    > Search for "auto initiation" in the help file.
    >
    > Don Woodward
    >
    >
    > "JJDC" <> wrote in message
    > news:...
    > > Using VPN Concentrator 3000 with VPN Client 4.0, slit tunneling
    > > disabled. Would like the VPN client on remote machines to autolaunch
    > > anytime it detects an internet connection (dial-up, LAN, Wi-fi). Users
    > > would not be able to control this option. Objective is to ensure that
    > > all traffic to the laptops passes through our firewalls, so we don't
    > > have to worry about compromised machines accessing network.
    > >
    > > Alternate solutions: local firewalls on remote machines, static
    > > internal IPs, any other ideas?
    JJDC, Jun 28, 2004
    #3
  4. JJDC

    News Account Guest

    I know it implies wireless in one place but then says "any" in another - how
    would it know the difference - the Cisco help wording seems contradictory.

    Don Woodward


    "JJDC" <> wrote in message
    news:...
    > I had read that previously, but seemed to only apply to wireless
    > connections. I want something to make it mandatory to connect with VPN
    > client with any network connection, but still lets the users work in
    > an unconnected state...
    >
    > "News Account" <> wrote in message

    news:<xL0Dc.882$>...
    > > Search for "auto initiation" in the help file.
    > >
    > > Don Woodward
    > >
    > >
    > > "JJDC" <> wrote in message
    > > news:...
    > > > Using VPN Concentrator 3000 with VPN Client 4.0, slit tunneling
    > > > disabled. Would like the VPN client on remote machines to autolaunch
    > > > anytime it detects an internet connection (dial-up, LAN, Wi-fi). Users
    > > > would not be able to control this option. Objective is to ensure that
    > > > all traffic to the laptops passes through our firewalls, so we don't
    > > > have to worry about compromised machines accessing network.
    > > >
    > > > Alternate solutions: local firewalls on remote machines, static
    > > > internal IPs, any other ideas?
    News Account, Jun 28, 2004
    #4
  5. JJDC

    mikester Guest

    "News Account" <> wrote in message news:<%cZDc.4073$>...
    > I know it implies wireless in one place but then says "any" in another - how
    > would it know the difference - the Cisco help wording seems contradictory.
    >
    > Don Woodward
    >
    >
    > "JJDC" <> wrote in message
    > news:...
    > > I had read that previously, but seemed to only apply to wireless
    > > connections. I want something to make it mandatory to connect with VPN
    > > client with any network connection, but still lets the users work in
    > > an unconnected state...
    > >
    > > "News Account" <> wrote in message

    > news:<xL0Dc.882$>...
    > > > Search for "auto initiation" in the help file.
    > > >
    > > > Don Woodward
    > > >
    > > >
    > > > "JJDC" <> wrote in message
    > > > news:...
    > > > > Using VPN Concentrator 3000 with VPN Client 4.0, slit tunneling
    > > > > disabled. Would like the VPN client on remote machines to autolaunch
    > > > > anytime it detects an internet connection (dial-up, LAN, Wi-fi). Users
    > > > > would not be able to control this option. Objective is to ensure that
    > > > > all traffic to the laptops passes through our firewalls, so we don't
    > > > > have to worry about compromised machines accessing network.
    > > > >
    > > > > Alternate solutions: local firewalls on remote machines, static
    > > > > internal IPs, any other ideas?


    Try this web page...

    http://www.cisco.com/en/US/partner/...cts_administration_guide09186a00800bd98e.html

    You need to configure your vpnclient.ini with the auto initiation
    options. In those options you specify a network (IP/netmask
    combination) that would cause the auto initiation to happen. I'm not
    sure but you could try 0.0.0.0/0.0.0.0 (like a default route statement
    that matches everything) and that might match any network causing the
    auto initiation feature to happen any time the network adapter is up
    and has an ip address. The bad part is that if the network adapter is
    up and windows assigns one of those "169...." Ip addresses your auto
    initiation feature will still try to connect (and fail).
    mikester, Jun 29, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MP
    Replies:
    2
    Views:
    12,227
  2. jarcar
    Replies:
    0
    Views:
    572
    jarcar
    Feb 12, 2004
  3. Nick
    Replies:
    2
    Views:
    2,364
  4. D K
    Replies:
    4
    Views:
    454
  5. Ned
    Replies:
    0
    Views:
    536
Loading...

Share This Page