VPN Issues

pilks

I have a slight dilemma that I need a solution for.

I am currently a student at UCT. My Software development team has been given a Virtual server on which we run TFS 2010, SQL server and other tools.
UCT has this server behind a firewall.

The only way we can access this from outside is via a VPN connection. As I am sure you are aware, when you are connected to a VPN your machine's internet is cut off. We are aiming to work off campus for a large part of the June/July vac in a flat together.
The issues with this are the following:
1. When you are coding you need to use the Net as a resource library etc.
2. We need to be connected to TFS all the time to handle source control.

I do have a central server (old machine) at my flat which I can use. So my question is:
Can I connect the server to the VPN such that when my machines want to connect to the virtual server, the traffic goes through my central server at home, and the rest of the internet traffic won't be affected?

Essentially what I want is for my team to be able to access the TFS without needing to connect to the VPN on their machines.

thanks
 
Firstly, when connecting to a VPN you don't have to be cut off from the internet. You can use split tunneling / route specific traffic to identify interesting/encryption domain traffic.
How is the VPN set up on the TFS?
I am 100% certain you can alter it to use split tunneling.
 
To answer your second question. Yes, you could simply add a route on your machine to point to your server at home for the traffic that needs to go through the vpn (the ip of the TFS server).
The server would need to have a few things configured on it though.
 
The "disconnection from the Internet" is typically mandated by the VPN end point, using a policy downloaded from the VPN gateway.

One way of getting around this is to use a Virtual Machine to connect to the VPN, and interact with it, and be disconnected from the Internet. Your host machine would not be disconnected from the Internet, and could be used to do research, etc.

Alternatively, it MAY be possible to manually add routes to revert the policy enforced by the VPN client. But the best way is to ask the VPN administrators to relax their policy, and allow you to do split tunneling.
 
Thanks for the replies.

Let me explain the layout first. UCT gets us to use a Cisco VPN client to connect to the VPN that is hosted somewhere at UCT to give us access to the entire UCT network. Our virtual server doesn't have any VPN set up on it. Team Foundation Server (TFS) is hosted on port 8080.
My server at home would have Server 2008 R2 on it. How would I go about testing to see if I can use split tunneling? The server being connected to the VPN and my machines connecting through that would be ideal though. How would I set this up? My knowledge of these things is limited.

Unfortunately the VPN policy is one of 'take it or leave it', as I have very little power as a student.
 
With the Cisco client, you won't be able to change the policy.
I know very little about MS servers, but I would think it has something to do with enabling Routing and Remote Access on it? (i.e. you need to use the server as a router as well) Then create the VPN tunnel from that server to UCT.

On your home workstation, add a static route for the UCT server ip to point to your home server ip.
I can help you with adding the static routes:
route add x.x.x.x (ip of uct server you want) MASK x.x.x.x (can use a /32) x.x.x.x (ip of your home server)
To make it persistent, use the -p command.
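
How the /32 static route described above sits next to a workstation's default route, as an added example that is not part of the original posts: a small longest-prefix-match lookup showing that only the single server address is diverted to the home server. All addresses are constructed placeholders from documentation ranges and the metrics are assumed values.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    gateway: str
    metric: int


def make_route(cidr, gateway, metric):
    return Route(ipaddress.ip_network(cidr), gateway, metric)


def next_hop(table, destination):
    """Pick the gateway the way an IP stack does: the most specific
    (longest) matching prefix wins, and a lower metric breaks ties."""
    dest = ipaddress.ip_address(destination)
    candidates = [r for r in table if dest in r.network]
    if not candidates:
        raise LookupError(f"no route to {destination}")
    best = max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))
    return best.gateway


# Constructed placeholder addresses, not taken from the thread.
TFS_SERVER = "192.0.2.10"     # stands in for the UCT virtual server
HOME_SERVER = "192.168.1.2"   # home server that holds the VPN tunnel
HOME_ROUTER = "192.168.1.1"   # ordinary internet gateway

# Workstation table after adding the /32 static route from the post.
WORKSTATION_TABLE = [
    make_route("0.0.0.0/0", HOME_ROUTER, 25),        # default route
    make_route("192.168.1.0/24", "on-link", 25),     # local LAN
    make_route(f"{TFS_SERVER}/32", HOME_SERVER, 1),  # only the one server
]


def describe(table, destinations):
    """Map each destination to the gateway that would carry it."""
    return {d: next_hop(table, d) for d in destinations}


if __name__ == "__main__":
    sample = [TFS_SERVER, "192.0.2.11", "198.51.100.7", "192.168.1.50"]
    for dest, gateway in describe(WORKSTATION_TABLE, sample).items():
        print(f"{dest:>15} -> {gateway}")
```

Because the mask is a /32, the neighbouring address 192.0.2.11 still follows the default route, so nothing beyond the one server is sent toward the tunnel.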
 
OK thanks, I will look into it!
Can't be too hard :)
 