![]() Id -G | grep -qE '\' || die 'Not running with admin rights.' # messages like 'The route addition failed: The object already exists.' ![]() # should normally not be needed unless this script fails and you get error # experimental setting to delete routes to the target network prior and after # other routes that might match the target network # except in te very rare cases where it should be set to a value lower than all # optional setting for metric which normally shouldn't be necessary, # local machine, you normally don't need to set this as the script tries to # the IP you will get on the target network, also the VPN gateway on your # Format is in CIDR notation with the network address and a forward slash and # and in some cases it can't be properly determined automatically so this might # This setting here might be important because it's about the target network It also sets the interface number (IF) explicitly to counter some problems some users (like me) had with the other solutions here. It has some settings and tries to detect some of the things you didn't explicitly set. It runs on a Cygwin-powered UNIX shell on Windows 7 or newer but should also work with MSYS2, Bash-on-Windows after build 14986, or Busybox for Windows). If you added persistent routes, you can check them by executing netstat -rn | grep -A10 'Persistent Routes'.Īnd, finally, run a few tracert commands against both IP addresses which are supposed to be accessed via VPN and against those which should work without VPN. Pros: necessary routes are added each time VPN connection is established and deleted each time it is disconnected.Ĭons: there is no Get-VpnConnectionRoutes cmdlet so it can be hard to manage these rules.ģ) Check and ensure routing works as expected! ![]() Pros: no need to change anything if your VPN address ( w.x.y.z) will change.Ĭons: need to re-create routes with new ID if you delete your VPN connection.Īdd-VpnConnectionRoute -ConnectionName '' -DestinationPrefix a.b.c.d/ This ID can be found by executing netstat -rn, or, for more compact output, netstat -rn | grep -A10 'Interface List'. Where a.b.c.d is the target address/network and interface number is identifier of your VPN connection. You can find w.x.y.z by executing ipconfig and looking for your VPN connection name or, if you use PowerShell, you can get compact output by executing ipconfig | grep -A5 PPP (which will output 5 lines after finding each PPP connection).Ĭons: you will have to re-create routes if your VPN IP will change.Ģ.2) Add permanent route via VPN network interface: Where 'VPN gateway' = 'your IP on VPN network' = w.x.y.z and target address/network = a.b.c.d. Route -p add a.b.c.d/ w.x.y.z or route -p add a.b.c.d mask e.f.g.h w.x.y.z Here you have 3 options:Ģ.1) Add permanent route via VPN gateway: I don't know exactly where and how these rules are configured, but such scenario exists - probably it is some magic done by VPN network administrators.Ģ) Make only necessary traffic going via VPN. ![]() (!) It is (sometimes) possible that unchecking that checkbox will be enough for normal work - in my experience, necessary routes (which will direct necessary traffic via VPN) can be added automatically after VPN connection is established. Usually I simply disable IPv6 protocol completely for VPN connection. Make sure to uncheck this checkbox for both IPv4 and IPv6. ![]() For this you must uncheck Use default gateway on remote network checkbox in VPN settings. Whole procedure consists of 3 basic steps:ġ) Make all traffic NOT going via VPN. Not much new here, but a summary of all good options described in previous answers and in other related threads. A 'short' guide for noobs like me, who don't know much about networks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |