Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

correctly routing non-VPN traffic through users own internet

Status
Not open for further replies.
1DMF

1DMF

Programmer
Jan 18, 2005
8,795
0
0
GB
Hi,

I have a problem where our VPN users are surfing the web while connected to our company VPN and so is using our company internet connection for all traffic, slowing the entire company network down as well as other VPN users.

I searched the web and found someone who said that all you do is go to the VPN client properties then the Networking Tab -> IPV4/6 -> Properties -> Advanced, and remove the tick from 'Use default gateway on remote network'

However when this was done , none of the applications would work nor could I map the company network drives.

One assumes this is because now no traffic was using the VPN connection.

How do I configure this so only the traffic for the IP ranges relating to our company resources uses the VPN connection and all other traffic uses their own internet connection?

I'm assuming there is a way?

Thanks,
1DMF.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Sort by date Sort by votes
I am guessing this will be specific for what VPN server and VPN client you are using. Care to tell us? In general, the buzz word you are looking for is split tunneling and is configured on the server.
It would be a security/anti-virus disaster if it could be configured on the client.

I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote

Standard Windows VPN client to Draytek firewall VPN router.



"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Upvote 0 Downvote
having read a few threads is seems that the client does control this via the tick box I mentioned, the problem is that is is likely our internal IP/sub net is the same as the users home router and so it isn't being routed separately.

Is this correct, or have i read something wrong?

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Upvote 0 Downvote
I can confirm that to split tunnel you simply need to ensure that your users home default gateway is not on the same ip range as the remote VPN work gateway , then turn off the VPN client from using the remote default gateway.

If you have other resources inhouse that need chanelling down the vpn default gateway, you need to use 'route add' to add a specific binding from the desired ip and the required default gateway.

Once this is done , it works sweet!

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Upvote 0 Downvote
I would try to filter traffic by creating traffic rules. I am pretty sure that your firewall has some features to create and apply the traffic rules base on a specific criteria in order to improve performance of the network. Look up manufacturer's website for more details.
 
Upvote 0 Downvote
Thnks for the reply kyoores.

Could you please advise how I would go about changing my firewall in the office, to alter the way the client's (remote user's) router works?

I can't seem to get my head round how this would work.

Thanks,
1DMF

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

MIME::Lite TLS Email Encryption - Perl v0.02 beta
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
305
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Question
Best vpn safe and fast
Replies
4
Views
193
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
169
sircles
sircles
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
125
Joon Smith
Joon Smith
LearningNetworking
  • Locked
  • Question
Linking Hosts on the same subnet via VPN
Replies
0
Views
219
LearningNetworking
LearningNetworking

Part and Inventory Search

Sponsor

Back
Top