VPN Tunnel Detection via HTTP CONNECT
Info Nessus Network Monitor Plugin ID 3177
SynopsisThe remote client was observed connecting to a VPN through an HTTP proxy.
DescriptionThe remote client was observed connecting to a Virtual Private Network (VPN) through an HTTP proxy. The client is configured to use an HTTP proxy to tunnel the VPN connection to an external network. This type of connection allows a local user to connect to a remote network as if they were local users. A VPN that allows split-tunneling will essentially serve as a bridge between the remote network and the internal network. Special care should be taken to ensure that remote VPN clients connect securely and do not introduce an unacceptable level of risk to the internal computing environment.
SolutionEnsure that use of a VPN is acceptable with respect to corporate guidelines and policies.