How to stop client's internet traffic redirected to VPN

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
tc1010
Posts: 10
Joined: Thu Feb 12, 2015 8:15 pm

How to stop client's internet traffic redirected to VPN

Post by tc1010 » Thu Feb 12, 2015 9:11 pm

I've just installed SoftEther VPN 4.14 server on my Windows 7 PC within a Windows 2008 domain to set up a PC-to-Lan remote access VPN. I used most of the default settings to build this VPN server and everything is working fine at this point. A remote SoftEther VPN client can connect to this VPN Lan and access all the resources without any issues. All is good.
However, I really want the clients to be able to access the Lan only. I don't want their internet traffic to be redirected to this VPN and put extra burden on our domain.
How can I stop the redirect through the server settings? I can't seem to find a solution. I tried the SecureNAT and it somewhat worked but I would rather use local bridge if I could.

mashuser
Posts: 5
Joined: Sat Jan 17, 2015 1:18 am

Re: How to stop client's internet traffic redirected to VPN

Post by mashuser » Fri Feb 13, 2015 8:03 am

You can do this via Access Lists.

Add the source/destination to your lan only
then deny everything else.
If you can push routes via DHCP, add the routes to your lan via the vpn gateway.

See this thread, http://www.vpnusers.com/viewtopic.php?f=7&t=3533

I just dont know how to do the DHCP part on windows servers.

tc1010
Posts: 10
Joined: Thu Feb 12, 2015 8:15 pm

Re: How to stop client's internet traffic redirected to VPN

Post by tc1010 » Fri Feb 13, 2015 3:51 pm

Thanks for the reply.
Access Lists doesn't seem to work on this though. It blocks the client's redirected internet traffic alright but apparently the VPN server still keeps the redirect going. As a result, clients can not access any internet sites at all.
Regarding the pushing routes via DHCP on Windows server part, unfortunately I have no idea either.

mesa57
Posts: 153
Joined: Fri Oct 11, 2013 4:00 pm
Location: Netherlands

Re: How to stop client's internet traffic redirected to VPN

Post by mesa57 » Sat Feb 14, 2015 6:41 am

Set the metric of the VPN client adapter to automatic or a high number (>200).

softether_fans
Posts: 5
Joined: Sat Oct 11, 2014 7:50 am

Re: How to stop client's internet traffic redirected to VPN

Post by softether_fans » Sun Feb 15, 2015 1:53 pm

First, you need to go to VPN client "xxxx connection" ----> "Advanced Settings" --> "No Adjustment of Routing table", check it.

Second, you need to modify the vpn virtual adapter, make it metrics to a bigger value than your local real adapter which goes to internet.

tc1010
Posts: 10
Joined: Thu Feb 12, 2015 8:15 pm

Re: How to stop client's internet traffic redirected to VPN

Post by tc1010 » Sun Feb 15, 2015 10:52 pm

Thank you guys, it works.
I wish there is a way I can set it up at VPN server's end though.
Sometimes it is simply not possible to count on clients to modify their systems.
As a result, clients could get much slower internet speed during VPN sessions.
Following is a before-and-after test result for a client's system.
Before modify the client's metric: download speed 4 Mb/s
After modify this client's metric: download speed 18 Mb/s

ofeikes
Posts: 4
Joined: Sun Oct 04, 2015 7:46 pm

Re: How to stop client's internet traffic redirected to VPN

Post by ofeikes » Thu Oct 15, 2015 4:22 pm

How do I set "the metric"? That setting has escaped my searching in the various places so far...


Thanks!

mesa57
Posts: 153
Joined: Fri Oct 11, 2013 4:00 pm
Location: Netherlands

Re: How to stop client's internet traffic redirected to VPN

Post by mesa57 » Thu Oct 15, 2015 7:13 pm

On vpn tcp/ip interface advanced property's

Post Reply