Every time I try to connect or disconnect from my work VPN at home, it always ends up blocking my entire home network so that my other non-work devices can’t access the internet either. What is going on?
I’m asking here because I am desperate and I have nowhere else to go. I’ve had this problem at every company I’ve worked at in the past 10+ years. Most of them use some variant of Cisco VPN.
You can’t have two (2) default (internet) gateways.
To get a meaningful answer you need to provide a lot more detail. How does your employer provide vpn service? Software? Company router? How do you connect and disconnect? Do you have your own separate router? How have you configured your internet service and local area network?
Easy to answer: You have to exclude your local IP range …
Or all local requests go to the remote server, which knows nothing about your home network
Apologies, I got a measly 3.0 in my Networking class so honestly I never had a good grasp on some of these things.
I don’t exactly know how my company provides VPN service, I just have this app on my work laptop that I use to log in to the corporate network. At most companies it’s Cisco VPN. My current company has their own thing. I don’t know the arch behind it (I could ask).
I have my own modem + router at home:
- Internet connection type: Automatic / DHCP
- Router IP: 192.168.1.1 which I believe is standard
- Subnet mask: 255.255.255.0
- Address Range: 192.168.1.100-149
- NAT enabled
- Dynamic Routing (RIP): Disabled, don’t know what this means
How do I do that? My company’s VPN program doesn’t let me do anything with IP ranges.
And it kills the network for all the devices at the house when connected?
That must mean your VPN is routing out the gateway… Idk how to help you without seeing everything but you’re sure they don’t actually supply a physical device for their VPN? It’s all software on your end computer and that’s it?
Check what the default gateway is on your other machines and make sure it’s your home router (192.168.1.1).
There’s more I typed but honestly without seeing your setup I’m not necessarily sure what could be causing that and don’t want to lead you the wrong way.
Edit: My VPN has a “kill all internet when disconnected” checkbox and also when connecting it may be tunneling everything through the VPN, which will need to be split tunnelled for your other devices if that’s the case.
Call your company and get their tech guy to fix it for you. You should be able to connect to the VPN through one machine without having it block all other networking from other machines.
Idk without seeing the setup or having a lot more info I can’t really help.
So a few more questions.
Are you sure there is not a company supplied vpn router (ASA device)?
Is your software called Cisco AnyConnect?
What have you been doing to restore internet access for the past 10+ years?
I could see it preventing your laptop from getting internet access (that’s actually an option in the software) or access to other devices on your LAN, but it should have no effect on other devices accessing the internet unless you are all going through their ASA (or they are somehow configured to use your laptop as a gateway->doubtful).
How have you managed to get by for 10+ years without ever asking the company’s IT department to fix this?
In this case you have to add a static route for your private network manually after the VPN is connected.
Are you sure there is not a company supplied vpn router (ASA device)?
Yeah if you mean a supplied device as in a take-home device that every employee needs to have and plug in, then no, none of my companies have ever given me that, and I’ve worked at quite a few places. The only thing I ever got was a Yubikey for 2FA.
Is your software called Cisco AnyConnect?
Yes, Cisco AnyConnect.
What have you been doing to restore internet access for the past 10+ years?
- Basically kill the VPN program on my work machine, which restores internet access on my home devices that were not a part of the VPN. Alternatively, if my work machine successfully authenticates against my company’s VPN and can log in, then my home devices can also connect to the internet normally (not through the VPN).
- Sometimes, VPN disconnects will put my network connectivity into what I can only describe as a “bad state”, and it can’t reconnect no matter how long it spins. During this whole time my home network is entirely blocked. I have to unplug / plug in the router to force a restart.
Specifically, it is only when my work machine tries to connect with VPN (continuously spinning/loading) that my home devices all can’t talk to the internet. This is a problem because for whatever reason my company’s VPN disconnects itself at least once a day, and when it does it will continually try to reconnect, and during this time all my home devices are blocked from accessing the internet.
How have you managed to get by for 10+ years without ever asking the company’s IT department to fix this?
Oh believe me, I’ve asked. I’ve asked at every single company I work at, and for whatever reason only I appear to have this problem. I even asked again this morning and they all said it must be something about my network setup, but they couldn’t tell me what it was, so I finally asked Reddit. I was hoping that with WFH being a thing, I wouldn’t be the only person with both a home device and a work device connected to the internet at the same time through a non-VPN and VPN route respectively.
Have you considered that your home internet might just go down sometimes?
I’d set up a connectivity monitor on both your work machine and some other always-on device to verify causality.
Is this something you can repeat at will?
Comcast does screw me over sometimes, but it rarely coincides with any VPN authentication activity, and it’s pretty obvious when it does go down, because even shutting down my work computer won’t restore internet connectivity.
The incidents I’m talking about are very specifically happening when my work machine tries to authenticate against VPN, almost like it’s holding a mutex / lock on my gateway until it can either connect or disconnect. It’s obvious because I’ll usually try to load YouTube or Twitter on my home laptop, and it will freeze halfway through loading all the thumbnails, and then when I kill VPN on my work laptop, or when it successfully connects, YouTube/Twitter on my home laptop will suddenly load all the videos like it just woke up from a coma.
Edit: 8:31PM - And it just happened again. I was listening to music on YouTube on my home laptop while working on my work laptop when VPN decided to disconnect and reconnect. During those 10-20s, my YouTube froze completely, and when VPN reconnected on my work laptop the music on my home laptop started playing again. So yeah, it’s pretty consistent.
Just saw your edit.
The VPN disconnected and reconnected for the same reason your YouTube stopped working: Comcast went down. Maybe for 30 seconds, maybe for 2 minutes.
I could help you set up a connectivity monitor so you can report back to Comcast with some hard data proving they have issues they need to fix.
How do I set one up? I see a bunch in the Chrome Web Store, and I see other people just running a traceroute script. What do you recommend?
I agree, this would be a good next step to either prove or disprove the Comcast connection as the cause, although I think it’s very unlikely that it would just happen to do so at the exact time your vpn client is trying to authenticate. Still, it needs to be ruled out. Also did you click on the link I gave in my earlier comment showing the options screen? If you can find that in your AnyConnect client you can poke around and check a few of the settings to make sure they make sense.
I’d just run a simple bash / batch / PowerShell script for a few days.
I presume you use a Windows computer - correct?
Oh cool I already have a bash script that works on mac.
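A connectivity monitor of the kind suggested in the thread, as an added example that is not part of the original posts or any participant's script. It assumes the router address 192.168.1.1 given above; the external probe target, interval, log path and all function names are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Run on the work laptop AND on one other always-on device, then compare logs.
GATEWAY="${GATEWAY:-192.168.1.1}"     # home router address from the thread
EXTERNAL="${EXTERNAL:-1.1.1.1}"       # assumed public probe target; any stable host works
INTERVAL="${INTERVAL:-5}"             # assumed seconds between samples
LOG="${LOG:-$HOME/conn-monitor.log}"  # assumed log location

# One ICMP echo with a 2-second limit; the timeout flag differs on macOS and Linux.
probe() {
  if [ "$(uname)" = "Darwin" ]; then ping -c 1 -t 2 "$1" >/dev/null 2>&1
  else ping -c 1 -W 2 "$1" >/dev/null 2>&1; fi
}

# Map (gateway reachable?, external reachable?) to a state. Arguments are 1 or 0.
classify() {
  case "$1$2" in
    11) echo OK ;;
    10) echo WAN_DOWN ;;        # router answers, internet does not: ISP or router uplink
    00) echo LAN_DOWN ;;        # router itself unreachable: local link or router problem
    01) echo GATEWAY_SILENT ;;  # internet works but router ignores ping (e.g. full tunnel)
    *)  echo UNKNOWN ;;
  esac
}

# Read "timestamp state" samples on stdin; keep only lines where the state changes.
transitions() {
  awk '$2 != prev { print; fflush(); prev = $2 }'
}

# Take one sample and print it as "UTC-timestamp state".
sample() {
  local gw=0 ext=0
  probe "$GATEWAY" && gw=1
  probe "$EXTERNAL" && ext=1
  echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) $(classify "$gw" "$ext")"
}

# Start with: ./conn-monitor.sh run    (Ctrl-C to stop)
if [ "${1:-}" = "run" ]; then
  while true; do sample; sleep "$INTERVAL"; done | transitions | tee -a "$LOG"
fi
```

Line up the two logs by timestamp against the VPN reconnect times: LAN_DOWN on the non-work device points at the router or local network, while WAN_DOWN on both devices points at the uplink.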