Most of us are typically connecting to one or many different client networks from various locations throughout the day, while others (present company included) may be logged into the same VPN tunnel day after day after day.
The default behavior when using a built-in Windows XP Virtual Private Network connection (as well as on some third-party clients, depending on configuration) is to set the default gateway to the VPN connection. This effectively routes all remote traffic over the tunnel, which can cause numerous headaches. For one, at the time of connection currently running apps like Office Communicator, Live Messenger, and Outlook will temporarily lose their connection to their server and either automatically reconnect or require manual intervention. Another issue is access to browse the internet from your workstation to limited by the remote client’s routes, rules, and bandwidth.
Since it is preferable to use your local Internet connection for all outbound traffic and limit traffic to the VPN connection to desired requests only, I wrote a simple command line script that does this, which can be downloaded from the attached zip file at the bottom of this post.
: This script will search the ipconfig command output for a specific : subnetwork string and capture the network portion of the IP. It : will then use that captured variable to add multiple routes. : This specific iteration and version is used to set routes to a : network after connecting to their VPN host. It assumes that the : network portion of the leased IP address will not be different : from the defined SUBNET variable. Update that variable declaration : if it does in fact change. : VERSION: 1.2 : USAGE: Modify SUBNET variable : Create valid route statements for unique networks : COMMAND LINE: [script name] : REQUIREMENTS: 'ipconfig.exe' must be located in %PATH%. :******************************************************************** @echo off
PPP adapter VPN: Connection-specific DNS Suffix . : cch.com Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface Physical Address. . . . . . . . . : 00-53-45-00-00-00 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 10.10.10.64 Subnet Mask . . . . . . . . . . . : 255.255.255.255
: This variable is the network portion of the IP address. : UPDATE THIS ADDRESS TO MATCH YOUR VPN CONNECTION : usage: "set SUBNET=[NETWORK]" set SUBNET=10.10.10 : Set temporary files set TFILE=routes.tm1 set OFILE=routes.tm2 if exist %TFILE% del %TFILE% if exist %OFILE% del %OFILE% : Discover host portion of VPN-assigned IP address ipconfig >> %TFILE% findstr /i /c:"%SUBNET%." %TFILE% >> %OFILE% for /f "tokens=16 delims=." %%i in (routes.tm2) do set IP=%%i
: Add temporary routes to remote networks : UPDATE THESE COMMANDS TO CREATE NEW ROUTES FOR YOUR VPN CONNECTION : usage: "route add [NETWORK] mask [SUBNET MASK] %SUBNET%.%IP%" route add 10.150.20.0 mask 255.255.255.0 %SUBNET%.%IP% route add 22.214.171.124 mask 255.255.0.0 %SUBNET%.%IP% : Temporary File Cleanup if exist %TFILE% del %TFILE% if exist %OFILE% del %OFILE%