VPN cannot choose right connection

[Justin]

I'm trying to use a VPN connection and it works fine if I'm using my wired
connection, however if I'm on my wireless network at home, the VPN connection
does not work unless I disable the ethernet card. Any ideas on what I can try?

 

[Bob F.]

Where is the other end of your VPN? In your enterprise? Virtual Private
Network (VPN) allows you to tunnel to a secured private network. The
administrator on the other far end, depending on the richness of the tools
he has, may limit the number of hops allowed through the VPN connection. In
order to maintain security, when you connect through VPN every other
connection (sometime including printers) are shut off at your end but you
can get to almost anything on the far end. If the VPN client can not shut
down another port on this end, it may not connect to VPN. This is by design
to maintain security integrity. So you need to ask you administrator how he
has this configured. I had one administrator not even know this feature
existed and I was able to walk him through shutting it off. The tool had
port granularity.

 

[Justin]

I think I didn't make my problem clear, the VPN is at my school, and while
I'm at home I use my wireless network, but at school I use a ethernet
connection. At school, the VPN connections works great over ethernet. At home
however, when using the wireless, the VPN connection appears to connect but I
just get limited connectivity and cannot access any network resources. If I
disable my ethernet card, then the VPN works fine. It seems like the VPN
connection is trying to use the ethernet connection, despite the fact that it
is not connected.

 

[Bob F.]

ok, now I understand. Looks like your VPN client isn't steering to the
right port. At home you want it to go to your wireless port and at school
you want it to go to your Ethernet port. This depends on how smart your VPN
client is. Do you have any config option in the client setup that will help
you? If not, your solution may be as close as your going to get, although
kind of a kludge. After disable your Ethernet card, and let your VPN card
route to your wireless card, and then re-enable you Ethernet card, does it
still work? Or does that kill it? At the command prompt, type "route
print" before and after the Ethernet disable and look at the route
differences. You may want tackle a macro to "Route Add" the route you need.
There may be a simpler solution or a fault that I missed, but this is about
as far as I can take you.

 

[Justin]

Well you got my pointed in the right direction, I ended up just clearing my
routing table (route -f) and that seems to have fixed the problem

 

[Bob F.]

Watch out, that table get's built in RAM at each boot. It will revert on
you.

 

[Justin]

Well you got my pointed in the right direction, I ended up just clearing my
routing table (route -f) and that seems to have fixed the problem

After more investigation, I've discovered that this solution only works for
the first time I connect. I've discovered that I can force the connection by
manually entering the route and specifying the interface I want to use. I
could probably write this into a script, but it seems cumbersome for
something that should work. I can only assume that there are other people at
my University who use their machines in the same configuration and they can't
all be having problems. Perhaps I should add that this same symptom is
displayed no matter what wireless network I'm connected to.

What seems to happen is that Windows will try to find the correct interface
and adds that to the routing table, however since the ethernet is
disconnected, it cannot be added and therefore the connection fails. How does
Windows decide which interface to try? Perhaps it is because the ethernet
card has a lower interface number (i.e. 8 whereas the wireless card is 13).
BTW, I have an Intel 3945ABG card. I wonder what would happen if the roles
were reversed, any way to try this out?

 

[Bob F.]

Justin,
Take a look at this:
http://technet.microsoft.com/en-us/library/bb490991.aspx
And in particular at the "-p" option. This might make your situation stick.

 

[Justin]

Well I can't figure out how to make it switch between interfaces. I think i
might just stick with disabling the ethernet card, thanks for your help!