Weird Windows 2000 VPN Behavior

[Paper Tiger]

OK, this is kind of frustrating.

When you connect to Windows 2000 RRAS as a VPN client, all
your Internet traffic is actually routed through RRAS
server's internal ethernet interface.

That means, if I have a highspeed, and I am trying to
download some huge file for my private use, all the
traffic actually goes through my company's
router/firewall, VPN tunnel, then comes back to me???!!!!

!@##@$@#%@#$@!~%$#%

It seems once I have VPN connected, I'd better behave
myself. Why don't those firewall VPN clients have this
problem? They work like that VPN traffic goes through VPN,
and others go to regular Internet.

 

[Marc Reynolds [MSFT]]

Hi,

It sounds like you want to do a "split tunnel".

1. Disable Use default gateway on remote network on the VPN connectoid.

2. Because you have no routes to the VPN network, add routes for the
remote subnets that you need to gain access to. For example, if the
network to which you make the VPN connection is on the 10.0.0.X
network, add a route to this subnet going over the VPN.

3. To have a gateway to specify in this route that you added, the
clients must request a specific IP address when they connect, so this
affects how you hand out addresses to all clients. For example, have
all your clients request a specific IP address; do not merely assign a
random IP address from your RAS pool.


Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.