Guest David Posted March 17, 2008 Posted March 17, 2008 Our customer would like to set all remote clients to access the internet though the VPN. This isn't a problem but one of the requests is that traffic to two specific sites doesn't go over the VPN and goes straight out of their home ADSL connection. I'm sure this cannot be done but just wanted clarification.
Guest Andrew Lomakin Posted March 17, 2008 Posted March 17, 2008 Re: Internet Over a VPN connection VPN only sets up a new default gateway for you. I think that VPN routing is more costly than LAN, so you can set a script that will add route to the IP of the site you want through user's gateway, instead of VPN tunnel's suggested gateway. Should work :) Regards, Andrew "David" <wibble@wobble.com> wrote in message news:u%23ZDEMEiIHA.1184@TK2MSFTNGP04.phx.gbl... > Our customer would like to set all remote clients to access the internet > though the VPN. This isn't a problem but one of the requests is that > traffic to two specific sites doesn't go over the VPN and goes straight > out of their home ADSL connection. I'm sure this cannot be done but just > wanted clarification. >
Guest Bill Grant Posted March 17, 2008 Posted March 17, 2008 Re: Internet Over a VPN connection Are you using the Microsoft VPN client? By default it will send all non-local traffic across the VPN (ie the VPN link becomes its default gateway). If you clear the "Use default gateway..." box, only a subnet route will be set up to the VPN server, and the default gateway will still be to the local ADSL gateway. As Andrew said, after that you can modify what goes where with static routing. "Andrew Lomakin" <lomakin@one.lv> wrote in message news:OUyKZkEiIHA.484@TK2MSFTNGP06.phx.gbl... > VPN only sets up a new default gateway for you. > I think that VPN routing is more costly than LAN, so you can set a script > that will add route to the IP of the site you want through user's gateway, > instead of VPN tunnel's suggested gateway. > > > Should work :) > > Regards, > > Andrew > > > > "David" <wibble@wobble.com> wrote in message > news:u%23ZDEMEiIHA.1184@TK2MSFTNGP04.phx.gbl... >> Our customer would like to set all remote clients to access the internet >> though the VPN. This isn't a problem but one of the requests is that >> traffic to two specific sites doesn't go over the VPN and goes straight >> out of their home ADSL connection. I'm sure this cannot be done but just >> wanted clarification. >> >
Guest Andrew Lomakin Posted March 18, 2008 Posted March 18, 2008 Re: Internet Over a VPN connection You can actually leave the `use default gateway` setting on, but once VPN'ed the route to the VPN-provided gateway will be of a higher cost. If you then add specific routes to the hosts you want to access directly, they will have a lower cost, thus won't use VPN, eventually requested setup will be implemented in full - all sites will go through VPN, but some requested sites will still go directly. Regards, Andrew "Bill Grant" <not.available@online> wrote in message news:ebcxEzHiIHA.5820@TK2MSFTNGP04.phx.gbl... > Are you using the Microsoft VPN client? By default it will send all > non-local traffic across the VPN (ie the VPN link becomes its default > gateway). > > If you clear the "Use default gateway..." box, only a subnet route will > be set up to the VPN server, and the default gateway will still be to the > local ADSL gateway. As Andrew said, after that you can modify what goes > where with static routing. > > "Andrew Lomakin" <lomakin@one.lv> wrote in message > news:OUyKZkEiIHA.484@TK2MSFTNGP06.phx.gbl... >> VPN only sets up a new default gateway for you. >> I think that VPN routing is more costly than LAN, so you can set a script >> that will add route to the IP of the site you want through user's >> gateway, instead of VPN tunnel's suggested gateway. >> >> >> Should work :) >> >> Regards, >> >> Andrew >> >> >> >> "David" <wibble@wobble.com> wrote in message >> news:u%23ZDEMEiIHA.1184@TK2MSFTNGP04.phx.gbl... >>> Our customer would like to set all remote clients to access the internet >>> though the VPN. This isn't a problem but one of the requests is that >>> traffic to two specific sites doesn't go over the VPN and goes straight >>> out of their home ADSL connection. I'm sure this cannot be done but just >>> wanted clarification. >>> >> >
Guest Bill Grant Posted March 18, 2008 Posted March 18, 2008 Re: Internet Over a VPN connection Yes, you can leave the default gateway setting alone. It really depends on what you want the default situation to be. "Andrew Lomakin" <lomakin@one.lv> wrote in message news:uBZisLNiIHA.1944@TK2MSFTNGP02.phx.gbl... > You can actually leave the `use default gateway` setting on, but once > VPN'ed the route to the VPN-provided gateway will be of a higher cost. If > you then add specific routes to the hosts you want to access directly, > they will have a lower cost, thus won't use VPN, eventually requested > setup will be implemented in full - all sites will go through VPN, but > some requested sites will still go directly. > > Regards, > > Andrew > > > "Bill Grant" <not.available@online> wrote in message > news:ebcxEzHiIHA.5820@TK2MSFTNGP04.phx.gbl... >> Are you using the Microsoft VPN client? By default it will send all >> non-local traffic across the VPN (ie the VPN link becomes its default >> gateway). >> >> If you clear the "Use default gateway..." box, only a subnet route >> will be set up to the VPN server, and the default gateway will still be >> to the local ADSL gateway. As Andrew said, after that you can modify what >> goes where with static routing. >> >> "Andrew Lomakin" <lomakin@one.lv> wrote in message >> news:OUyKZkEiIHA.484@TK2MSFTNGP06.phx.gbl... >>> VPN only sets up a new default gateway for you. >>> I think that VPN routing is more costly than LAN, so you can set a >>> script that will add route to the IP of the site you want through user's >>> gateway, instead of VPN tunnel's suggested gateway. >>> >>> >>> Should work :) >>> >>> Regards, >>> >>> Andrew >>> >>> >>> >>> "David" <wibble@wobble.com> wrote in message >>> news:u%23ZDEMEiIHA.1184@TK2MSFTNGP04.phx.gbl... >>>> Our customer would like to set all remote clients to access the >>>> internet though the VPN. This isn't a problem but one of the requests >>>> is that traffic to two specific sites doesn't go over the VPN and goes >>>> straight out of their home ADSL connection. I'm sure this cannot be >>>> done but just wanted clarification. >>>> >>> >> >
Recommended Posts