You also asked about split tunneling, so let's take a moment to explain that concept before walking through the process of creating a VPN connection. By default, when you create a VPN connection, Windows funnels all of the communications from your computer through the VPN. So, if you're logged into a corporate VPN from home to check your email, all of the other Web surfing you're doing on your computer is also being run through your...
corporate network. This is the default behavior because, from the company's point of view, it's the safest way and ensures all traffic is protected regardless of the destination.
You might not want this behavior, however, for a couple of reasons. First, it allows your company to inspect all of your personal Web traffic while connected to the VPN. Second, it will likely slow down your access to the Web, as everything must first be sent through the VPN.
Split tunneling, on the other hand, configures the VPN connection so that only traffic headed to computers on the corporate network is sent through the VPN connection. Other traffic leaving your computer goes out through your normal network connection.
Follow these steps to set up a VPN connection in Windows Vista that uses split tunneling:
- From the Control Panel, choose "Network & Internet."
- Click "View Network Status and Tasks."
- Click "Manage Network Connections."
- Right-click on your VPN connection and select "Properties."
- Select the "Networking" tab.
- Highlight "Internet Protocol Version 4 (TCP/IP v4)."
- Click "Properties."
- Click "Advanced."
- Uncheck the "Use default gateway on remote network" box.
- Click "OK" three times to close the windows you opened.
From that point forward, only traffic destined for your corporate network will be sent through the VPN. All other traffic will use the local network.
For more information:
- What are the security risks of Windows Vista RSS functionality? Learn more.
- Read more about the risks of disabling User Account Control (UAC) on Windows Vista.
Dig deeper on SSL and TLS VPN Security
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.