Page 1 of 1
[Windows] VPNClient becomes isolated from LAN
Posted: Mon Nov 10, 2025 11:10 pm
by Elezorn
Hello everyone
There's a machine with some service running on it(ex. file/web server) which is accessible across whole LAN via address:port. But when User starts a vpnclient session then physical connection(ethernet or wifi) becomes marked as "Unidentified" and can't be changed and services are no longer accessible by anyone.
Tried playing with interface metrics, but the only two states are:
either whole traffic goes through vpn tunnel(which is good) and local service not accessible LAN-wise
or
vpn tunnel active with traffic not going through it(which is bad) and local service accessible LAN-wise
So the main idea/question is: Is it possible for windows machine to have local shares/services not being isolated from LAN while whole traffic goes through tunnel? Same config works on official Linux client and 3rd party android client. Am I missing something or is there some limitations?
Thanks
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Tue Nov 11, 2025 8:24 am
by solo
Disable TunnelCrack protection.
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Sun Nov 16, 2025 10:16 am
by Elezorn
solo wrote: ↑Tue Nov 11, 2025 8:24 am
Disable TunnelCrack protection.
Toggling TunnelCrack protection as well as "Windows network optimization"/recreating vpn adapter/running as user or admin doesn't change anything. Tried on two versions on VPN Client:
W10 19045.6456
VPN Adapter 4.25.9658
SE Client 4.43 Build 9799
SE Client 4.44 Build 9807
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Sun Nov 16, 2025 1:16 pm
by solo
Please start a VPN on the client and post as code the output of:
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Sun Nov 16, 2025 4:13 pm
by Elezorn
solo wrote: ↑Sun Nov 16, 2025 1:16 pm
Please start a VPN on the client and post as code the output of:
Ping to local gateway
Code: Select all
C:\Users\ELEZO>ping 192.168.1.1
Обмен пакетами с 192.168.1.1 по с 32 байтами данных:
Ответ от 192.168.1.1: число байт=32 время=3мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Статистика Ping для 192.168.1.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 2мсек, Максимальное = 3 мсек, Среднее = 2 мсек
Ping to remote gateway (thru VPN tunnel)
Code: Select all
C:\Users\ELEZO>ping 192.168.100.1
Обмен пакетами с 192.168.100.1 по с 32 байтами данных:
Ответ от 192.168.100.1: число байт=32 время=59мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Статистика Ping для 192.168.100.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 56мсек, Максимальное = 59 мсек, Среднее = 56 мсек
netstat
Code: Select all
C:\Users\ELEZO>netstat -r
===========================================================================
Список интерфейсов
9...00 ff 0e c2 f5 5d ......TAP-Windows Adapter V9 for OpenVPN Connect
64...b8 88 e3 74 a1 b6 ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
73...........................OpenVPN Data Channel Offload
26...ae e0 10 dd 27 c9 ......Microsoft Wi-Fi Direct Virtual Adapter #5
17...ae e0 10 dd 2f c9 ......Microsoft Wi-Fi Direct Virtual Adapter #6
10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
29...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
48...5e 07 fa c5 19 63 ......VPN Client Adapter - VPN
18...ac e0 10 dd 27 c9 ......Dell Wireless 1820A 802.11ac #2
49...ac e0 10 dd 27 ca ......Bluetooth Device (Personal Area Network) #4
1...........................Software Loopback Interface 1
24...b0 83 85 57 55 5a ......Sierra Wireless Mobile Broadband Network Adapter
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.16 35
1.1.1.1 255.255.255.255 192.168.1.1 192.168.1.69 35
WAN.IP.THRU.VPN 255.255.255.255 192.168.1.1 192.168.1.69 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
130.158.6.69 255.255.255.255 192.168.1.1 192.168.1.69 35
130.158.6.126 255.255.255.255 192.168.1.1 192.168.1.69 35
192.168.1.0 255.255.255.0 On-link 192.168.1.69 291
192.168.1.69 255.255.255.255 On-link 192.168.1.69 291
192.168.1.255 255.255.255.255 On-link 192.168.1.69 291
192.168.19.0 255.255.255.0 On-link 192.168.19.1 291
192.168.19.1 255.255.255.255 On-link 192.168.19.1 291
192.168.19.255 255.255.255.255 On-link 192.168.19.1 291
192.168.100.0 255.255.255.0 On-link 192.168.100.16 291
192.168.100.16 255.255.255.255 On-link 192.168.100.16 291
192.168.100.255 255.255.255.255 On-link 192.168.100.16 291
192.168.145.0 255.255.255.0 On-link 192.168.145.1 291
192.168.145.1 255.255.255.255 On-link 192.168.145.1 291
192.168.145.255 255.255.255.255 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.100.16 291
224.0.0.0 240.0.0.0 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 192.168.19.1 291
224.0.0.0 240.0.0.0 On-link 192.168.1.69 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.100.16 291
255.255.255.255 255.255.255.255 On-link 192.168.145.1 291
255.255.255.255 255.255.255.255 On-link 192.168.19.1 291
255.255.255.255 255.255.255.255 On-link 192.168.1.69 291
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
0.0.0.0 0.0.0.0 10.106.90.18 1
===========================================================================
IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 331 ::1/128 On-link
10 291 fe80::/64 On-link
29 291 fe80::/64 On-link
10 291 fe80::59aa:9ce5:34c2:b635/128
On-link
29 291 fe80::9d9a:a7cb:3919:fcc4/128
On-link
1 331 ff00::/8 On-link
10 291 ff00::/8 On-link
29 291 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
Отсутствует
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Sun Nov 16, 2025 8:23 pm
by Elezorn
solo wrote: ↑Sun Nov 16, 2025 1:16 pm
Please start a VPN on the client and post as code the output of:
netstat
Code: Select all
C:\Users\ELEZO>netstat -r
===========================================================================
Список интерфейсов
9...00 ff 0e c2 f5 5d ......TAP-Windows Adapter V9 for OpenVPN Connect
64...b8 88 e3 74 a1 b6 ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
73...........................OpenVPN Data Channel Offload
26...ae e0 10 dd 27 c9 ......Microsoft Wi-Fi Direct Virtual Adapter #5
17...ae e0 10 dd 2f c9 ......Microsoft Wi-Fi Direct Virtual Adapter #6
10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
29...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
48...5e 07 fa c5 19 63 ......VPN Client Adapter - VPN
18...ac e0 10 dd 27 c9 ......Dell Wireless 1820A 802.11ac #2
49...ac e0 10 dd 27 ca ......Bluetooth Device (Personal Area Network) #4
1...........................Software Loopback Interface 1
24...b0 83 85 57 55 5a ......Sierra Wireless Mobile Broadband Network Adapter
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.16 35
1.1.1.1 255.255.255.255 192.168.1.1 192.168.1.69 35
WAN.IP.THRU.VPN 255.255.255.255 192.168.1.1 192.168.1.69 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
130.158.6.69 255.255.255.255 192.168.1.1 192.168.1.69 35
130.158.6.126 255.255.255.255 192.168.1.1 192.168.1.69 35
192.168.1.0 255.255.255.0 On-link 192.168.1.69 291
192.168.1.69 255.255.255.255 On-link 192.168.1.69 291
192.168.1.255 255.255.255.255 On-link 192.168.1.69 291
192.168.19.0 255.255.255.0 On-link 192.168.19.1 291
192.168.19.1 255.255.255.255 On-link 192.168.19.1 291
192.168.19.255 255.255.255.255 On-link 192.168.19.1 291
192.168.100.0 255.255.255.0 On-link 192.168.100.16 291
192.168.100.16 255.255.255.255 On-link 192.168.100.16 291
192.168.100.255 255.255.255.255 On-link 192.168.100.16 291
192.168.145.0 255.255.255.0 On-link 192.168.145.1 291
192.168.145.1 255.255.255.255 On-link 192.168.145.1 291
192.168.145.255 255.255.255.255 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.100.16 291
224.0.0.0 240.0.0.0 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 192.168.19.1 291
224.0.0.0 240.0.0.0 On-link 192.168.1.69 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.100.16 291
255.255.255.255 255.255.255.255 On-link 192.168.145.1 291
255.255.255.255 255.255.255.255 On-link 192.168.19.1 291
255.255.255.255 255.255.255.255 On-link 192.168.1.69 291
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
0.0.0.0 0.0.0.0 10.106.90.18 1
===========================================================================
IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 331 ::1/128 On-link
10 291 fe80::/64 On-link
29 291 fe80::/64 On-link
10 291 fe80::59aa:9ce5:34c2:b635/128
On-link
29 291 fe80::9d9a:a7cb:3919:fcc4/128
On-link
1 331 ff00::/8 On-link
10 291 ff00::/8 On-link
29 291 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
Отсутствует
Ping to both remote and local gateways
Code: Select all
C:\Users\ELEZO>ping 192.168.100.1
Обмен пакетами с 192.168.100.1 по с 32 байтами данных:
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Статистика Ping для 192.168.100.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 56мсек, Максимальное = 57 мсек, Среднее = 56 мсек
C:\Users\ELEZO>ping 192.168.1.1
Обмен пакетами с 192.168.1.1 по с 32 байтами данных:
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=4мс TTL=64
Статистика Ping для 192.168.1.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 2мсек, Максимальное = 4 мсек, Среднее = 2 мсек
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Mon Nov 17, 2025 1:47 am
by solo
Elezorn wrote: ↑Mon Nov 10, 2025 11:10 pm
Is it possible for windows machine to have local shares/services not being isolated from LAN while whole traffic goes through tunnel?
Yes and it is not only possible but just works by default when TunnelCrack protection is off. We need more tests.
- on 192.168.1.69 PC with the web server (or such) disable the firewall (temporarily).
- on 192.168.1.x LAN client of the web server stop SSDP Discovery service.
- start the VPN on 192.168.1.69 and then from 192.168.1.x ping 192.168.1.69
?
Re: [Windows] VPNClient becomes isolated from LAN
Posted: Mon Nov 17, 2025 3:57 pm
by will siggel
the vpn disconnects my internet connection anytime i switch it on , but once i disconnect the vpn , the internet is restored .
what can i do?