You also asked about split tunneling, so let's take a moment to explain that concept before walking through the...
process of creating a VPN connection. By default, when you create a VPN connection, Windows funnels all of the communications from your computer through the VPN. So, if you're logged into a corporate VPN from home to check your email, all of the other Web surfing you're doing on your computer is also being run through your corporate network. This is the default behavior because, from the company's point of view, it's the safest way and ensures all traffic is protected regardless of the destination.
You might not want this behavior, however, for a couple of reasons. First, it allows your company to inspect all of your personal Web traffic while connected to the VPN. Second, it will likely slow down your access to the Web, as everything must first be sent through the VPN.
Split tunneling, on the other hand, configures the VPN connection so that only traffic headed to computers on the corporate network is sent through the VPN connection. Other traffic leaving your computer goes out through your normal network connection.
Follow these steps to set up a VPN connection in Windows Vista that uses split tunneling:
- From the Control Panel, choose "Network & Internet."
- Click "View Network Status and Tasks."
- Click "Manage Network Connections."
- Right-click on your VPN connection and select "Properties."
- Select the "Networking" tab.
- Highlight "Internet Protocol Version 4 (TCP/IP v4)."
- Click "Properties."
- Click "Advanced."
- Uncheck the "Use default gateway on remote network" box.
- Click "OK" three times to close the windows you opened.
From that point forward, only traffic destined for your corporate network will be sent through the VPN. All other traffic will use the local network.
For more information:
- What are the security risks of Windows Vista RSS functionality? Learn more.
- Read more about the risks of disabling User Account Control (UAC) on Windows Vista.
Dig Deeper on VPN security
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.