I installed Pulse Secure VPN (now called Ivanti Secure Access Client) about a month ago. I couldn’t make it work with MWB since as soon as I connected to it, the shared m+kb would stop working. But then all of a sudden it started to work magically. Today I reinstalled the VPN client and MWB doesn’t work anymore and despite spending half dozen hours trying to fix the issue, I couldn’t find a solution or realize how I made it work the first time. I know you would normally need a VPN split tunneling option but there’s no such thing in the client. Since in the route table all traffic gets sent to the VPN (including that of local network), I don’t understand how it could work before. I’m really trying to wrap my head around it.
If it worked before, it was likely a misconfiguration that someone fixed.
No, as I said, it was my fault because I wanted to try out something so I deleted the VPN client and all network adapters and then reinstalled everything… It was working perfectly before and I didnt’ have to configure anything on my side. And I have full admin rights on my machine since I’m an external consultant.
Unifying is old btw, there’s Bolt now which is way better. But I didn’t want to spend extra money on peripherals. Also the problem is that, as a mechanical kb enthusiast, I deeply hate those low tier garbage kbs. There are some brands that make good multi-device mechanical kbs but those are very expensive, and also why would I buy more peripherals if I already got them? The alternative would be to use a paid sw which uses Bluetooth connection like Across but that costs 36$/year and I also didn’t want to spend extra money on a subscription.
I totally understand the security implications, and I would be fine if company was paying for a multi-device solution on my end. Anyway, now I’ll have to choose between bluetooth paid sw, logitech/keychron hardware or a kvm switch with kb hotkey.
I thought about adding a static route, but I noticed the routes on my end where getting overwritten as connection was established (as you mentioned), and Pulse Secure probably does some checks every x seconds as well.
I honestly don’t get why I should send all traffic to the corporate network tho… Why not send just the requests that are actually meant for that network? Pulse Secure automatically sets some DNS on your machine, and I would be fine routing all traffic ONLY when I’m actually requesting one of those DNS… I see no point going through the corporate network when I’m just doing a research on Google since that adds extra latency for nothing, or even when wanting to connect to another device on my network.
You can easily exfiltrate corporate data even by simply recording your screen or using a clipboard solution through Bluetooth, so stopping just the communication with your local network is kinda pointless… Also it’s not like my PC is locked down and I cannot do anything unless I’m connected to the VPN. I can do whatever I want on my corporate PC, I just connect to the VPN when I need to access the on-premise infrastructure for maintenance, while for all operations on the cloud infrastructure I don’t use that.