Computers, Programming, Technology, Music, Literature

Posts Tagged ‘split tunneling

Troubleshooting Remote VPN and Internet access at the same time

leave a comment »

 

 

Issue: When connected to Remote Access VPN, internet cannot be reached because of IP routing conflicts

Solution: Enable Split Tunneling for the VPN connection, and add routing for the IP addresses on the device

 

On a Windows 10, When Remote VPN is connected, internet disconnects. Let’s say, 192.168.20.123 is an IP address on the VPN. In the screenshot below, when internet is connected, google.com pings, however 192.168.20.123 doesn’t ping. Expected behavior because we are not connected to VPN yet.

 

image

When Remote VPN connectivity is established, the internet goes off, and the VPN machine starts pinging.

image

So, that’s the issue.

Solution

Step 1:

Disconnect the VPN.

Open Windows Powershell, and type in the command to enable Split Tunneling for the VPN connection.

Set-VpnConnection  -Name “TheVPNConnectionName” –SplitTunneling $True –PassThru

 

image

If VPN connectivity is attempted now, after the Split Tunneling change, notice the internet works, however VPN machine cannot be reached.

image

 

Step 2:

Add a persistent route for the destination.

We need four things to add a permanent route:

  1. The destination IP address [Eg: 192.168.20.123]
  2. Subnet mask [Eg: 255.255.255.255]
  3. Destination gateway [Eg: 192.168.20.1]
  4. VPN network interface id (route print command, and identify the Interface ID of the VPN connection)

[Eg: In the example below, the Interface Number for the VPN connection is 69]

image

 

Open a command prompt with Elevated Privileges, and type in the below command to add a permanent route to the destination IP address. For more IP addresses, repeat the command by changing the destination IP address.

 

route add –p 192.168.20.123 MASK 255.255.255.255 192.168.20.1 IF 69

 

Now, internet connectivity works as expected. If there is a request for 192.168.20.123 IP address which is on the VPN, then the route would go through the VPN interface.

image

That’s it.

Advertisements

Written by gmaran23

February 21, 2017 at 3:32 pm