I'm trying to figure out if this is even possible. I want my laptops to automatically connect to a trusted network if they're in range (i.e. my wireless or hardwired). If they're not in range I want the computer to automatically connect to my internal network through VPN.

I know that I can configure a VPN to automatically connect to a specific network. I'm not aware if it's possible to let the in-range trusted network connection take connection precedence and connect automatically. If it's not found, then make sure that connection automatically uses VPN to connect to my internal network. I don't want the user to have to connect through VPN manually.

Anyone have experience with this or have heard about it?

Edit for clarification: Basically I want my laptop to automatically connect to my intranet via VPN if the computer is not in range of my own secured Wi-Fi. If I'm on my own network's Wi-Fi and try to connect to it via VPN the credentials will just cycle. Re-configuring the network to accept internal vs external IPs via VPN isn't possible in my situation. I basically need a way to automatically tell the machine without user intervention "If Sh0ck's-Trusted-Wifi isn't found, connect to his intranet via VPN with whatever connection you do have".

  • Your question isn't clear. If there isn't a trusted network then you have to manually connect to the untrusted network. Wouldn't it be just easier to always use the VPN? – Ramhound Apr 08 '15 at 12:16
  • Please add the OS you're using as a tag to the question. –  Apr 08 '15 at 12:39
  • Ramhound, Basically I want my laptop to automatically connect to my intranet via VPN if the computer is not in range of my own secured Wi-Fi. If I'm on the network's Wi-Fi and try to connect to it via VPN the credentials will just cycle. Re-configuring the network to accept internal vs external IPs via VPN isn't possible in my situation. I basically need a way to tell the machine that "If Sh0ck's-Trusted-Wifi isn't found, connect to his intranet via SSH VPN" –  Apr 08 '15 at 13:00
  • I have experienced this with my work laptop in the past. It looked for the company gateway and if it wasn't found would open the VPN username/password box. How exactly this was done I sadly couldn't tell you. Something I'm not sure if you've thought about: if the laptop connects automatically to your VPN without user intervention, wouldn't it leave your network susceptible if it was stolen and before you could get home to disable the account? –  Apr 08 '15 at 13:46
  • Sounds like it might be a script then?.. hmm.. Regarding the security issue.. I have been contemplating that.. I'm approaching that from a different angle though.. I might use asynchronous software tokens (I know it defeats the purpose of automatic connect in a sense) .. There are a couple of options I have if I can get this working correctly.. –  Apr 08 '15 at 14:16
  • Look up DirectAccess, but it requires Windows 7 Enterprise or Ultimate. As well, I'm tempted to migrate since this appears to be about business support – Canadian Luke Apr 08 '15 at 14:28

1 Answer

Yes. Windows Server 2008 R2 and newer has a technology that specifically works this way. It's called DirectAccess. It's easier to set up in most network architectures under Server 2012. The client must be Windows 7 Enterprise or Ultimate, or Windows 8 Enterprise.

It uses IPSec and HTTPS; it works based on the machine containing a cert from your domain, and your user credentials. It's totally in the background, requiring no user intervention at all.

mfinni
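For clients that cannot use DirectAccess, the scripted approach raised in the comments can be sketched as follows. This is an added example, not part of the answer above and not how DirectAccess itself works. It covers only the Wi-Fi case from the question, and it assumes a VPN connection with the hypothetical name `Intranet VPN` is already saved in Windows with stored credentials.

```powershell
# Added example. $VpnName is a hypothetical connection name; the SSID is the
# one quoted in the question.
$TrustedSsid = "Sh0ck's-Trusted-Wifi"
$VpnName     = 'Intranet VPN'

function Get-ConnectedSsid {
    param([string[]]$NetshOutput)
    # 'netsh wlan show interfaces' prints "    SSID    : <name>" for a connected
    # adapter. The pattern is anchored so the "BSSID" line does not match.
    foreach ($line in $NetshOutput) {
        if ($line -match '^\s*SSID\s*:\s*(.+?)\s*$') { return $Matches[1] }
    }
    return $null   # no Wi-Fi association at all
}

function Test-VpnNeeded {
    param([string[]]$NetshOutput, [string]$Trusted)
    $ssid = Get-ConnectedSsid -NetshOutput $NetshOutput
    # SSIDs are case-sensitive, so use -cne. A $null SSID also means "not on
    # the trusted Wi-Fi", so the VPN is wanted.
    return ($ssid -cne $Trusted)
}

# Dry run on constructed sample output (not captured from a real machine).
$sample = @(
    '    Name                   : Wi-Fi',
    '    State                  : connected',
    '    SSID                   : CoffeeShop-Guest',
    '    BSSID                  : 00:11:22:33:44:55'
)
Write-Output ("Sample says VPN needed: " + (Test-VpnNeeded -NetshOutput $sample -Trusted $TrustedSsid))

# Live check: dial the saved connection only if it is not already up.
$live = netsh wlan show interfaces
if (Test-VpnNeeded -NetshOutput $live -Trusted $TrustedSsid) {
    $active = rasdial            # with no arguments, lists active connections
    if ($active -notcontains $VpnName) {
        rasdial $VpnName         # uses the credentials stored with the entry
    }
}
```

An SSID is not authenticated, so any access point broadcasting the same name would make this script skip the VPN; the machine-certificate check the answer describes does not have that weakness. Stored credentials also leave the stolen-laptop exposure raised in the comments in place.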