You know I’ve always been a big advocate of finding that fine line with technology where it’s secure, but still usable. Today at the office I think we found someone crossing that line a bit. We had a client laptop in our office. They needed to use our guest network to VPN to their network, which is completely common and no big deal really. We don’t have a publicly available network in our office; you do have to call the help desk and we assign a username/password combo specific to you, so that way if someone’s using the network to do something untoward, we can track down who it was.

Like most networks like ours, we redirect your browser when you first connect to our network to do the authorization before you can go anywhere else. Well, this laptop had proxy settings in the browser. It was trying to access a public proxy server, which of course it couldn’t because it hadn’t authenticated with the network yet, but the proxy was interfering with our redirect so nothing happened. So we disabled the proxy. We got a good connection, and the VPN wouldn’t connect. Turns out that the VPN server on their network requires that all connections come through that proxy server. Not only does it not allow other connections, but it automatically disables the account of the person trying to sign in to the VPN.

Yes, it took numerous phone calls, and our network engineer talking to their network engineer, before we figured out how to work around this. (Disable the proxy, authenticate with our network, re-enable the proxy, THEN connect the VPN.)

Seems to me that the usability factor had been lost in this equation. But maybe that’s just me.

  1. No, I think you have a point there. Some VPN clients are too obsessed about security it makes it impossible for guests to log on. I guess you can draw a reference in today’s world where airport security is a major issue. Some VPN clients just want to have good safety measures to prevent attacks by hackers.

