0

Windows 10. We have a VPN that we use to access our servers and we can also use that to protect internet traffic when connecting via public WiFi. I have checked the IPv4 advanced setting to use default gateway for the VPN network adapter.

When doing tracert to some arbitrary internet site, e.g. kth.se (Swedish edu institution), the route goes via one of our servers, indicating that it is routed via the VPN.

But when I do tracert to a domain that points to the public IP of one of our other servers (on the same LAN at our hosting company), the route seems to go through the public WiFi, none of our servers appearing anywhere in the list. (But the gateway of the public WiFi does appear).

Why is that, and how can I change it? In fact, how do I make sure all internet traffic goes through the VPN? (I'd like connection to fail if the VPN somehow gets lost, so I clearly notice it).

I read this post: In Windows 10 how do you ensure all traffic goes through VPN?

It tried to follow the instructions in Moab's answer but the route didn't change. I noticed that the public IP address I was testing with was listed as a separate line in the list of active routes, so I tried deleting that route as well. At that point I was unable to access anything, and my VPN was also disconnected. Unsure in what order what happened there and what caused what (maybe VPN was lost just before I deleted that route?).

Kjell Rilbe
  • 459
  • 5
  • 11
  • Maybe it's the case that all internet traffic already does use the VPN, except that server's public IP address? Maybe it can't route to that because it can't be seen "from the inside"? – Kjell Rilbe Sep 14 '19 at 10:27
  • 1
    I’m assuming that your remote VPN server is at the same IP address as the IP you are testing? That would explain why that one IP address does not go through the VPN. If you remove the default route in Moab’s suggestion the VPN will go down. I’m not sure what I’m missing in that post but it has upvotes, although it does not look like a solution that would work to me. You can’t send “All” traffic through the VPN. The VPN tunnel itself has to go over the public internet through the default route. Make sure you are using the VPN option to use the remote gateway. – Appleoddity Sep 14 '19 at 12:35
  • @Appleoddity I guess your comment should be marked as answer. Feel free to write it as an answer, and I'll mark it. – Kjell Rilbe Sep 15 '19 at 07:25
  • What we're trying to achieve is to have some of our web sites protected so only our staff can access them. Since the client's public IP address may change (working from home or "out and about"), hooking the client up via VPN would be a way to know the IP range to allow access to. The sites also need to be accessible from some cloud services, e.g. Auth0, so they need to be published on the server's public IP address. How could we actually achieve this? – Kjell Rilbe Oct 03 '19 at 06:01

0 Answers0