Forcing all traffic through the VPN only?


cxc

I am currently using Windows XP and I am having difficulty finding a
way to force all my internet traffic to go through my vpn... Basically
what I'd like to see is: if my vpn (pptp) connection is alive, then
all traffic goes through it, but if the connection drops, no traffic
whatsoever can go through (my overall internet connection should die
until the vpn connection is up again...)

Any idea how to achieve that in XP?

Thanks in advance!
 
Try configuring the VPN connectoid on your computer to use the default
gateway on the remote network. The link below explains how to do that.

Steve

http://www.windowsecurity.com/articles/VPN_Client_Security_Issues.html

The important VPN client configuration option is the use default gateway on
remote network. This option appears in various locations, depending on the
version of Microsoft VPN client you're using. On a Windows XP Professional
Computer, you'll find it this way:
1. Right click the My Network Places icon on the desktop and click
Properties.
2. Right click one of your VPN client connections in the Network
Connections window and click Properties.
3. Click the Networking tab, and then click on the Internet Protocol
(TCP/IP) entry and click the Properties button.
4. On the General tab of the Internet Protocol (TCP/IP) Properties dialog
box, click the Advanced button.
5. On the General tab of the Advanced TCP/IP Settings dialog box, note
the Use default gateway on remote network option.
 
Steve, thank you for the suggestion. Unfortunately, this option was
already set up by default. The issue is that this security option is
active only when the VPN connection is active. The issue I have is
less about making sure that the connection is secure while the vpn is
active, but more about ensuring that no traffic can go through if I
don't connect to the vpn or if the vpn connection goes down (usually
when the vpn connection goes down, the traffic then just goes directly
onto the internet, with no security features whatsoever, and that is
my problem)

I've seen several requests about this issue, but haven't noticed any
solution anywhere....

Let me know if you can think of anything else...

Thank you!
 
OK. It looks as if I misread what you wanted - sorry about that. When your VPN
connection goes down then your computer uses the default gateway defined for
your network adapter. Problem is you can't change that to be the DG for your
VPN connection because you need to establish an internet connection before
you can use the VPN in your case. You may need to look at a hardware
solution that uses an IPsec VPN endpoint device at each side of the VPN
connection, configure each side to have a compliant policy with each other
and then send all traffic through the VPN IPsec tunnel between the two of
them.

Steve
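
The fallback described in the reply above can be seen in the routing table. The following is an added example, not part of the thread: it parses `route print`-style text and reports whether the lowest-metric default route uses the VPN interface and whether a default route through the network adapter is still present to take over. The sample rows, all addresses, and the function names are constructed for illustration; it assumes the lowest metric wins.

```python
import re

# Constructed sample rows in the layout of `route print` (addresses are made up).
VPN_UP = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100      21
          0.0.0.0          0.0.0.0         10.8.0.5        10.8.0.5       1
     203.0.113.10  255.255.255.255      192.168.1.1   192.168.1.100      20
"""
VPN_DOWN = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100      20
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(r"^\s*" + IP + r"\s+" + IP + r"\s+(\S+)\s+" + IP + r"\s+(\d+)\s*$")


def default_routes(route_text):
    """Return (metric, gateway, interface) for each 0.0.0.0/0 row, lowest metric first."""
    routes = []
    for line in route_text.splitlines():
        m = ROW.match(line)
        if m and m.group(1) == "0.0.0.0" and m.group(2) == "0.0.0.0":
            routes.append((int(m.group(5)), m.group(3), m.group(4)))
    return sorted(routes)


def check(route_text, vpn_interface_ip):
    """Report which path carries Internet-bound traffic and whether a direct path exists."""
    routes = default_routes(route_text)
    # A default route on any interface other than the VPN's is what traffic
    # falls back to when the VPN route disappears.
    direct_present = any(iface != vpn_interface_ip for _, _, iface in routes)
    if not routes:
        active = "none"
    elif routes[0][2] == vpn_interface_ip:
        active = "vpn"
    else:
        active = "direct"
    return {"active": active, "direct_default_present": direct_present}


if __name__ == "__main__":
    for name, text in (("VPN up", VPN_UP), ("VPN down", VPN_DOWN)):
        print(name, check(text, "10.8.0.5"))
```

With the VPN up, the result shows the VPN route as active but the adapter's default route still present, which is why traffic continues directly once the VPN route is removed.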
 