If my company uses Cisco AnyConnect VPN for working from home, can they see my browser history?

Long version: since March we are working from home at my company and we use Cisco AnyConnect VPN.

I’m using my own PC, not the one provided by the company.

Can they collect my browsing history?

If you’re browsing the web while connected to the VPN, yes.

Best advice - don’t go to any websites you don’t want them to know about while connected to the VPN.

Worked on a large multinational 60K person company and various small to medium local ones.

Only once in the 10+ years I’ve managed these services have I ever been asked to provide that sort of information. This was for a high profile person leaving and possibly doing something illegal. Generally nobody cares unless HR has a legit reason to care.

However, at times we use them privately within our network team; we like to highlight the uselessness of other IT colleagues who do fuck all much of the day. That’s pretty much the extent of it for me, but I’m sure this can vary wildly depending on the company.

Even if OP’s company is using split tunneling, they’re possibly still going to see DNS requests. If you can reach internal resources without having to use IP addresses, chances are they are using internal DNS servers and can see what websites you go to. They’ll know you looked up reddit.com but not that you went to /r/cableporn.

While connected to the VPN, check ipconfig /all and look for DNS servers for the AnyConnect session. If there is something in there that looks like a corporate IP address, they’re seeing your DNS requests. Now, are they actually logging lookups? That depends on the company’s policies.
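The ipconfig /all check described above, as an added example that is not part of the original thread: a small parser that lists the DNS servers bound to the AnyConnect adapter. The sample output, the adapter names and the corp.example suffix are constructed, and treating a private (RFC 1918) resolver address as "looks corporate" is an assumption of this sketch.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not taken from the thread).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : corp.example
   Description . . . . . . . . . . . : Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
   IPv4 Address. . . . . . . . . . . : 10.20.30.40(Preferred)
   DNS Servers . . . . . . . . . . . : 10.1.1.10
                                       10.1.1.11

Wireless LAN adapter Wi-Fi:

   Description . . . . . . . . . . . : Intel(R) Wi-Fi 6 AX200 160MHz
   Default Gateway . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 1.1.1.1
                                       1.0.0.1
"""

# "   Key . . . . : value" -> (key, value); the dotted leader is dropped.
FIELD = re.compile(r"^\s+([^:]+?)(?:\s*\.)+\s*:\s*(.*)$")

def parse_adapters(text):
    """Return one dict per adapter with its description and DNS servers."""
    adapters, cur, key = [], None, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            cur = {"name": line.rstrip()[:-1], "description": "", "dns": []}
            adapters.append(cur)
            key = None
        elif cur is not None and line.strip():
            m = FIELD.match(line)
            if m:
                key, value = m.group(1), m.group(2).strip()
            else:
                value = line.strip()  # continuation line, e.g. a second DNS server
            if key == "Description":
                cur["description"] = value
            elif key == "DNS Servers" and value:
                cur["dns"].append(value)
    return adapters

def vpn_dns_report(text, marker="AnyConnect"):
    """(adapter, server, is_private) for each DNS server on the VPN adapter."""
    report = []
    for a in parse_adapters(text):
        if marker.lower() in a["description"].lower():
            for server in a["dns"]:
                ip = ipaddress.ip_address(server.split("%")[0])  # drop IPv6 zone id
                report.append((a["name"], server, ip.is_private))
    return report
```

An empty result means the AnyConnect adapter has no DNS servers of its own in that output; a public address in the result can still belong to the company, so the private-address flag is only a hint.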

Potentially is the best answer. If they’re doing split tunneling, absolutely not. If they’re not doing split tunneling and all your traffic is tunneled over AnyConnect, the session is encrypted until your traffic exits the firewall and goes to the destination you requested on the internet, assuming your AnyConnect connection is terminated on their edge device. So they’d have to be interested in that traffic and match your AnyConnect IP to the website destination; there is software that does this and can even automatically apply usernames to the traffic. So the answer is it depends, but if you don’t know then you should assume they can.

Depends if they are split tunneling or not. Most places will split tunnel internet traffic to keep that on the end user’s internet, so all the web traffic doesn’t need to go over the VPN. If they use full tunnel then that means all your internet traffic goes over the VPN and through their network. You could run a trace route to a public website like reddit.com and see if it goes through the company VPN.

You would need to open a command prompt and type

tracert reddit.com

and that would show you all the hops your traffic takes to hit reddit.com. Run it with the VPN connected and disconnected; if they are the same then you are split tunnel.

I will also note that some corporate A/V packages track internet usage. So if you have your corporate AV installed it might report internet usage with the VPN connected or disconnected.

Maybe. Depends on how they set up the VPN connection.

It’s a really slippery slope. I think they would need your permission to track your activity on your own personal property, excluding any traffic going through the tunnel. You may have given them permission at some point. If not and they fire you because you were checking out a porn site, while not attached to the VPN, then they open themselves up for a lawsuit for invading your privacy. I’m not a lawyer, but I’m pretty sure if they got your browser history, without your permission, then they are setting themselves up for civil litigation and possibly criminal as well.

If you’re browsing the web while connected to the VPN, yes maybe

I don’t think so, I don’t see any other software besides the VPN

What does this mean? I tried with and without the VPN connected.

C:\Users\Fede777>tracert apple.com

Tracing route to apple.com [17.253.144.10]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * ^C
C:\Users\Fede777>tracert apple.com

Tracing route to apple.com [17.253.144.10]
over a maximum of 30 hops:

1 8 ms <1 ms <1 ms 192.168.0.1
2 * * * Request timed out.
3

BTW I use Cloudflare as my DNS, if that changes anything.

Like I said, I’m using my own PC.

Maybe being blocked by your firewall. Try to disable it in Windows. The first hop should be your main router.