Problems with VPM and Default Gateway

[Dave Donohue]

I have been searching the Web and newsgroups for weeks trying to
determine the answer to this problem - if anyone knows how to help,
I'd be immensely grateful.

My home office machine runs XP Pro and connects to Sprint ADSL via a
D-LINK DI-514 router and Zyxel 645M DSL model.

That setup works fabulously on its own. However, when I connect to
one of my clients' networks via VPN, all traffic is routed through the
VPN even though the "use default gateway on remote network" box is not
checked in VPN properties. This causes all sorts of problems for me,
from DNS and routing resolution to apps like IM disconnecting and
reconnecting when the VPN is established or dropped. In addition, I
don't want my FTP, etc. transfers clogging up their network 2000 miles
away.

Has anyone seen this problem before? If so, how was it resolved?

 

[allan grossman [mvp]]

Hi, Dave -

What you're asking for is a feature called 'split
tunneling' and is not supported by most business or
government networks I've seen. To be completely honest
if I were in charge of your client's network I'd route
all IP traffic through the VPN also - as allowing a PC to
act as a bridge between a trusted network and the
untrusted Internet creates a pretty huge security hole.
Anything that has access to your PC also has access to
the corporate network through the VPN - this includes
remote desktop applications, trojans, viruses, and even
fairly innocent applications run by less-than-innocent
users ;-)

If you're set on split tunneling it might be a good idea
to contact your client and ask them if they can help set
you up. Some VPNs can be configured to route only
certain ports through the VPN.

Hope this helps -



My guess is that your VPN client is routing all IP
traffic through the VPN - and that's generally not
configurable at the workstation end.