Re: Split Tunnelling

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance


in this case, you may do no thing except she has a problem to access the Internet or access remote resources. this may help, quoted from  http://howtonetworking.com.
 

Split Tunnel issue in VPN

Situation: 1. After establishing a VPN connection, the VPN client can’t access the Internet.

2. After establishing a VPN connection, the VPN client can’t access other remote resources except the VPN server.

Analysis: by default, the VPN client adds the remote default route to its routing table and increases the metric of the existing default route to ensure that the remote default route is used. The remote default route points to the new connection, which ensures that any packets that are not addressed to the local LAN segment are sent to the remote network. In this case, the VPN client will not be able to access the Internet. Note: click here for example.

However, in other cases, if the VPN client doesn’t add the remote default route to its routing table or doesn’t increases the metric of the existing default route to ensure that the remote default route is used, the VPN client can’t reach the remote resources except the VPN server.

Resolutions: 1. On the VPN server, create a split tunnel to let the VPN client to access the Internet.

2. Alternatively, you can create batch file to delete the default router and another router for the remote network.

Case Study

Related Topics

VPN Browsing Issues
VPN Logon Issues
VPN Name Resolution
VPN as Router
VPN Routing Issues
VPN TCP/IP Settings
Ports for VPN
VPN/PPTP
VPN Slow Issues



Don't send e-mail or reply to me except you need consulting services. Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
How to Setup Windows, Network, Remote Access on http://www.HowToNetworking.com
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
This posting is provided "AS IS" with no warranties.
I have one user on my office network that need to be connected to an VPN. 
But she also needs access to her files/program on the network. So, she needs
to be on the office network and connected to the VPN simutenously.  (Note:
she is not a remote user, she is physically in our office).

 I found these articles explaining split tunneling:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKit/9b118c40-ac6f-475e-ba19-0acfc0025ecc.mspx
http://www.microsoft.com/technet/community/columns/cableguy/cg1003.mspx

The user is using XP Pro SP2.  We are using Windows Server 2003.   My
question is since only one user on the office network needs split tunnelling,
will all my other users be exempt from this?

Relevant Pages

  • RE: Remote desktop over a VPN
    ... I understand the issue to be: you have created VPN ... from SBS to remote network, however you can not VPN to remote network from ... This issue may occur because the ISA Server Firewall Client program does ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote User Management
    ... The problem is management of remote computers and compliance ... when they do not have network ... We have been considering installing Site-Link VPN appliances at the ... establish connectivity to domain resources. ...
    (microsoft.public.windows.server.active_directory)
  • Re: VPN Connection to remote site.
    ... If you need further assistance about SBS and ISA in the future, please feel free to post back. ... >Subject: Re: VPN Connection to remote site. ... >problematic and we found that the EPOS PC tended to drop off the network ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote site browsing and file access
    ... than routing typically causes for remote netbios name resolution). ... -- uses software VPN to connect 10.10.0.0/255.255.248.0 network to remote ... -- Server provides all local DNS and DHCP ...
    (microsoft.public.windows.server.sbs)
  • Re: RASd in : why traffic sent through VPN router ?
    ... inet gateway to 10+ secs when routed through remote VPN inet gateway. ... Exchange Server on the local network, ...
    (microsoft.public.windowsxp.network_web)