I have a question regarding this VPN tool that I use to access online resources while outside of the office since almost all of our work is currently based from home.
This tool is installed on my laptop that is provided by the company I work for and I login into it every time I need access to some global databases.
I intend to travel for a few days without letting my employer know (getting an approval is a hassle) and I want to continue work while outside of the country.
Does anyone have any idea whether or not this tool will still provide VPN sessions while abroad (i.e. different IP address location)?
regardless of it working or not, they will have a log of where your IP is coming from.
It may be a hassle to get authorized but you know what else is a hassle…finding a new job because you decided to break your company’s IT Policy for remote work.
=P
I know it is really easy to block other countries with geoblock, The very first rule I put in all of our firewalls is to block all countries outside of the US.
I use Azure to auth our Anyconnect VPN. Abnormal travels show up right on the AzIdP dashboard lol.
Unless they have access restricted by IP address (which I’ve almost never seen done) then yes it should work. If you are going to a suspicious country like china or iraq or afganistan they might have geoblocks for that whole country. If you are going some place like canada or UK or france probably not an issue at all.
Anyconnect should work. Can you connect from there may depend on the country and your employers security policies.
Not sure if our IT dept thought of doing this, though I may subtly ask them.
But is there a way around this? Like setting multiple VPNs or using a VPN router?
Except with firepower and VPN. Geolocation rules can be used for blocking “through the box” traffic, but not “to the box” traffic. I’ve pushed this as a feature request, we’ll see. The prescribed solution is ANOTHER firewall in front of FTD so that geolocation can be used to prevent VPN attacks from foreign countries.
Certainly hope this is the case with my employer, fingers crossed!
Taking a risk here, but definitely not as big as heading to any of those suspicious countries you mentioned, so it should hopefully be OK
set up a vpn that goes through your home network.
Are you sure about this? Usually you are blocking to the device when blocking all traffic. I am going to have to investigate this.
Edit: By sure I am interested in the documentation for this. Currently researching but if you can point me in the right direction… tyia
Is that with sysopt permit-vpn on or even without it?