Hi, when I am not connected to my VPN and do a route print, I get one 0.0.0.0 entry in the Network Destination column. It has a gateway of 192.....

When I connect to my VPN and do a route print I get two 0.0.0.0 entries in the Network Destination column. The first has a gateway of 192...., the same as above. The second has a gateway of 10.... which I'm assuming is my VPN gateway.

When I run a tracert to a website, I see the 10.... IP address followed by addresses in the VPN server I'm connecting to. All tests I have run online show only my VPN information. I cannot see my IP in any of the above steps.

What concerns me is that I see 0.0.0.0 and 192.... on both route prints, whether I'm connected to the VPN or not.

Is this normal behaviour or is my VPN leaking traffic?

I have seen people say to delete the route, but that would force me to be connected to my VPN all the time, which I don't want.

Any help?

Thanks..

Sami
  • Possible duplicate of [Networking Basics: How Do VPNs Route Traffic Without A Default Gateway?](https://superuser.com/questions/777495/networking-basics-how-do-vpns-route-traffic-without-a-default-gateway) – Bungicasse Feb 23 '19 at 18:24

1 Answer

Well, the 0.0.0.0 mask means to route all IP addresses through that tunnel - one with a lower metric will take priority. It first needs to route all traffic through your router - that being, of course, the default gateway, which is your 192.168.x.x. This is needed as you connect to the internet through the router (which routes your traffic, so to speak). (If, say, you instead routed it through something like your TV, you wouldn't get anything - because first of all, the TV isn't connected to your ISP, and it's not configured to forward packets correctly - so this rule must exist and must point to your router.)

The other 0.0.0.0 route going through your 10.x.x.x server is the VPN one. So they are all fine - any leakages of data will happen if the connection cuts out, but programs may be configured to automatically cut the network connection if the VPN drops - this stops packets from momentarily going through your untunneled and insecure connection, and giving away your real IP.

If you see your VPN's IP address when you search for 'my ip' then it's not leaking traffic - although, again, VPN programs should have an inbuilt disconnect to stop any UDP or TCP traffic leaking.

QuickishFM
  • Okay, so this is normal and expected behaviour and I'm not leaking anything? Basically I shouldn't be concerned that I see 192.168.x.x whether I'm connected to the VPN or not? Is this correct? – Sami Feb 23 '19 at 18:33
  • @Sami Yes, it's fine. In fact, if you removed it, you'd never get any Internet because no traffic would leave your laptop through your router. The fact that it's there regardless of VPN shows it's needed for normal traffic anyway. The VPN one just adds another route to ask the router to forward all requests through the VPN's server - that being the 10.x.x.x – QuickishFM Feb 23 '19 at 18:45
  • Okay, thanks. I must ask though: you say "you'd never get internet [without it]". If that is the case, why does the top answer on this post https://superuser.com/questions/1021371/in-windows-10-how-do-you-ensure-all-traffic-goes-through-vpn recommend deleting that route if you want to ensure all traffic goes through the VPN? According to you, they would then have no internet access? – Sami Feb 23 '19 at 18:49
  • @Sami I believe the VPN program already chooses the gateway as a source for traffic - though from configuring my own VPN server I had to leave the route in. That case is likely a commercial VPN where it automatically finds the gateway and routes through it automatically. Without the VPN connection, they confirm that no traffic can pass through. This is what I initially meant, though I forgot about the capability of the program to automatically pass traffic through the router. – QuickishFM Feb 23 '19 at 18:52
  • I am using a commercial VPN though. When I do a tracert I see my VPN gateway (10.x.x.x) and then the IP address is through the VPN provider, so I am assuming I'm okay. My app has a killswitch and I can't detect any leaks, so I'm assuming I'm good to go. – Sami Feb 23 '19 at 18:56
  • @Sami Yes, the killswitch protects you from any leakage. You should be good to go, and if you're ever in doubt, just check the IP on 'my ip' on Google is the same as the one on your VPN program. – QuickishFM Feb 23 '19 at 18:58
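
The "lower metric takes priority" rule from the answer can be checked against your own `route print` output. The following is an added example, not part of the original thread: it parses the IPv4 Active Routes table and picks the route Windows would use for a destination, generalizing the answer's rule to longest prefix first, then lowest metric. The sample table, its addresses and metrics, and the function names are all constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of the IPv4 "Active Routes" table from `route print`
# with a VPN connected. Every address and metric here is made up.
SAMPLE = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     35
          0.0.0.0          0.0.0.0         10.8.0.1        10.8.0.6      5
         10.8.0.0    255.255.255.0         On-link         10.8.0.6    261
      192.168.1.0    255.255.255.0         On-link     192.168.1.50    291
     203.0.113.10  255.255.255.255      192.168.1.1    192.168.1.50     36
"""
# The last row is a constructed host route to the VPN server itself: the
# encrypted tunnel packets still have to leave through the home router.

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+(\S+)\s+{IP}\s+(\d+)\s*$")

def parse_routes(text):
    """Return a list of (network, gateway, interface, metric) tuples."""
    routes = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator or non-IPv4 line
        dest, mask, gateway, iface, metric = m.groups()
        prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
        net = ipaddress.ip_network(f"{dest}/{prefix}", strict=False)
        routes.append((net, gateway, iface, int(metric)))
    return routes

def select_route(routes, destination):
    """Route used for destination: longest prefix, then lowest metric."""
    dst = ipaddress.ip_address(destination)
    candidates = [r for r in routes if dst in r[0]]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r[0].prefixlen, r[3]))

def default_routes(routes):
    """All 0.0.0.0/0 entries ordered by metric; the first carries traffic."""
    return sorted((r for r in routes if r[0].prefixlen == 0), key=lambda r: r[3])

if __name__ == "__main__":
    table = parse_routes(SAMPLE)
    for dst in ("93.184.216.34", "203.0.113.10", "192.168.1.20"):
        net, gw, iface, metric = select_route(table, dst)
        print(f"{dst:>15} -> via {gw} on {iface} ({net}, metric {metric})")
```

If the first entry returned by `default_routes` has the 192.168.x.x gateway while the VPN is connected, general traffic is leaving outside the tunnel.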