VPN & Internet Traffic

[Collider]

Is it possible to configure your VPN connection in such a way that your local internet traffic still gets routed through your ISP connection instead of going through the overhead of being routed through VPN.

Forgive me if this is a silly question but I'm a bit of a noob when it comes to networking 🙂

The use case for this is as follows: I often VPN in order to RDP into remote PCs, when I do that streaming services (ie Rdio or Last.fm) seem to be effected due to reduced bandwidth, or the same goes for my local downloads. Ideally I would like them to stay unaffected.

This is on a hardwired connection, the box has dual Ethernet ports (not sure if this can help the solution)

 

[boochi]

No, you can specify individual IP addresses in the routing table to bypass the VPN. I would suggest creating a virtual machine and setting up the VPN inside of it for your RDP traffic.

 

[RadiclDreamer]

Sounds like what you want to do is "split tunneling"

More info here

http://en.wikipedia.org/wiki/Split_tunneling

Tell us how you vpn and maybe we can offer config advice

 

[bobdole369]

If you know the IP of your work machines, and the VPN connection creates a device, you can manually manipulate the routing table so only the remote machines you are working on go through that device. Depends on the VPN SW though.

 

[Collider]

Thanks for the replies.

I dont use any particular software for VPN, the connection is just setup through windows.

Split Tunneling approach:
- which software can I use that would support this?
- additionally slightly concerned about the security risks of exposing my traffic (according to the wiki link)

Routing Table approach:
- seems like it will work for me as I'm mostly worried about 1 or 2 IPs (RDio/Last.fm)
- given the info on my setup any articles/links on how I'd set that up?

 

[bobdole369]

windows command prompt

route -h

 

[boochi]

Thanks for the replies.

I dont use any particular software for VPN, the connection is just setup through windows.

Split Tunneling approach:
- which software can I use that would support this?
- additionally slightly concerned about the security risks of exposing my traffic (according to the wiki link)

Routing Table approach:
- seems like it will work for me as I'm mostly worried about 1 or 2 IPs (RDio/Last.fm)
- given the info on my setup any articles/links on how I'd set that up?

Ping the hostnames of the sites you want to add to the routing table to get the actual ip addresses. Then in a command prompt type " route -p add xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy " where the x's represent the ip of the sites you want to add and the y's represent the gateway you want to use, for example (192.168.1.1).

 

[Fardringle]

If you are using Window 7, go to the "Network and Sharing Center", click on the "Connect To a Network" link to open the list of connections on the computer.
OR
If you are using Windows XP, open the "Network Connections" applet in the Control Panel.

then
Right-click on your VPN connection and select Properties. Click on the Networking tab. Click on Internet Protocol IPV4 (TCP/IPv4) (or just Internet Protocol (TCP/IP) in Win XP). Click the Properties button. Click the Advanced button. UN-check the box labeled "Use default gateway on remote network". Unless something is configured improperly on the remote network, this will make it so you can access resources on the remote network through the VPN connection, but your computer will use your local router/modem as the gateway for all traffic that needs to be routed (i.e. all Internet traffic).

 

[Collider]

Thanks guys, will be trying these once I get home 🙂

 

[her209]

As RadiclDreamer posted, split tunneling is what you want. Any traffic that is destined for the remote network is encrypted and tunneled and the other traffic is treated normally.

 

[Collider]

Ended up trying Fardringle's approach and unchecked "Use default gateway on remote network" and no more annoying buffering, local traffic is as fast as normal.

 

[dawks]

Ended up trying Fardringle's approach and unchecked "Use default gateway on remote network" and no more annoying buffering, local traffic is as fast as normal.

Yup, thats how I do it. Then when I need to connect to something at work, I specify its IP address, or append the DNS suffix so the system hits my corporate DNS server for certain VPN services.

You can do this on a Mac as well. There is a checkbox "send all traffic over the VPN tunnel". Unchecking it keeps general internet traffic out of the tunnel.