Basically I want to connect to vpn from other hosts. My laptop is connected to vpn but I want to connect another device to vpn via laptop.
I am connecting to vpn using pulse secure on my laptop.
Laptop is connect to WiFi.
In laptop I set proxy as 127.0.0.1:3129 under settings.
I am using Putty to connect using ssh and also under tunnels I added some local port forwarding and also checked "Local ports accept connection from other hosts".
On laptop its connected to network, everything is working including Internet and office intranet.
Then on other device which is connected to same WiFi, I set the proxy as the ip address of laptop and the port(3129) which is being used in laptop for proxy.
But this device is not able to connect the desired office network.
On the laptop if I run wireshark, I can see the packets coming.
The other thing I tried in putty was I added a local port forwarding for that specific address I am trying to connect like:
something.com:443 and local port 111112
using this also, i can see packet arriving in the laptop using wireshark but nothing happens, doesn't connect to something.com
Does pulse secure block this kind of connection where we can connect to vpn from other hosts ?
Or is it windows blocking ? when I first ran putty with local port to other hosts checked, I got dialog on windows whether to allow this kind of connection and I clicked yes.
Pulse secure version: 18.104.22.168055
@hashmat It shoud work unless your administrator did block local network access when connected to VPN using route precedence or using ACL to block P2P communication (server side options).
I have not used Putty SSH tunnel before, but have used similar kinda thing using HTTPS proxy i.e. proxying web requests through my host which is connected to VPN thereby making that host to act as HTTPS proxy.
Are you saying that you're able to the traffic sent by the laptop2 (network device) on laptop1 (VPN connected host) over it's virtual interface, but not connecting to the forwarded destination i.e. no traffic intiated by laptop1 to the dest. server?
Its like this.
Laptop and Android phone are connected to same WiFi.
On laptop I connect to office network using pulse secure over vpn. ssh using putty. Check loca forward ports in putty under tunnels. Laptop runs proxy at 127.0.0.1:3129.
and under settings -> proxy i set this this local address and port. Internet and Intranet work on laptop.
And on Android phone I set proxy(ipadress and port 3129) in the test app to the laptop's WiFi ip address. Is that correct?
@hashmat Yes, that's correct. As mentioned before, I haven't used SSH tunnel through Putty (need to read about that), but the configuration that you did is correct. I can confirm that.
So, what type of resource are you trying to access through the laptop's proxy connection? Is it SSH or Web resource?
basically I have an app running on the phone which should connect to my laptop running vpn and the app would access some BE APIs which are accessible only over vpn.
I have some update on this.
We also had a method to connect to vpn using open vpn(without pulse secure).
Using this method, once vpn is connected. I am able to connect to this laptop(Windows OS) from another device(phone) by using laptop's ip address as proxy. It works!
So this means its most likely pulse secure could be blocking incoming connections.