9

I would like to find a way to have as response the real route, tracing a server, when I am behind a VPN.

For example the first hop tracing stackoverflow.com from my pc is my router. When I dial a VPN then the first hope is the vpn server.

My question is, if it is a way to find out (although i am behind the VPN) the "real" route of the package before reaching the VPN server.

Steve Lorimer
  • 27,059
  • 17
  • 118
  • 213
Socios Socials
  • 101
  • 1
  • 1
  • 3
  • Better served at ServerFault, where you can find [this answer](http://serverfault.com/questions/217272/vpn-trace-route), which could mean you could just use your 'normal' ip as source for the trace. – Wrikken Mar 28 '11 at 23:23

1 Answers1

3

The relevant question is whether you know the DNS name (something like vpn.foo.com) of the VPN server you're connected to?

If so, then you disconnect from the VPN and traceroute to that DNS name... that traceroute is the path your packets take before going into the VPN server. If you don't know the DNS name it is connecting to, then ask your IT people for that DNS name. Be sure to run the traceroutes from the same machine you are having problems on (in case they are DNS load-balancing... so DNS name resolution stands a better chance of being consistent)

I usually use mtr or ping plotter freeware to troubleshoot poor connections, but there are plenty of other tools for the job.

Mike Pennington
  • 41,899
  • 19
  • 136
  • 174
  • A case is like that. I have an Virtual Machine hosting by a Cloud Provider for example and I want to know where that VM is. Tracerouting a random IP is not the case because the first hope is the VPN gateway that is always the same. I want to know if the VM is running in UK or in India for example. – Socios Socials Mar 29 '11 at 21:17
  • Sorry, but the details are not quite clear... Do you want the location of a Virtual Machine, and that virtual machine has a VPN connection? What kind of VPN is it? MPLS VPN, SSL VPN, IPSec VPN, or??? – Mike Pennington Mar 29 '11 at 21:21
  • Yes I have a VM and it is behind a VPN, IPSec VPN. – Socios Socials Mar 30 '11 at 11:12
  • If you can disconnect the ipsec vpn and still get to the machine, then disconnect the vpn, set up a traceroute, and you will have the real ip path info... if you can't get to the machine when you disconnect the vpn, then there isn't much you can do to find this info other than asking your VM provider. – Mike Pennington Mar 30 '11 at 11:38
  • thank you very much. It is the second case where I can not disconnect from the VPN. As for asking the provider that exactly is the issue ... I want to double check that the provider is telling me the truth about the location. – Socios Socials Mar 30 '11 at 16:52
  • It appears the VPN becomes the gateway, and yes DNS matters. However there is original metadata created... how to dissect that meta data is here: https://www.youtube.com/watch?v=JgeACFbUjZE – Don-Pierre Halfaway Sep 18 '21 at 15:28