Prevent internet traffic from passing through VPN

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Prevent internet traffic from passing through VPN

Post by qupfer » Sun Feb 07, 2016 9:22 pm

On windows
route /?

On linux:
man ip
---

remove default route
add route for lan B
add new default route


Or disable DHCP and set IP manual without a gateway

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Prevent internet traffic from passing through VPN

Post by thisjun » Thu Feb 18, 2016 5:46 am

Please increase value of SoftEther VPN NIC metric.

baldowl
Posts: 3
Joined: Fri Mar 04, 2016 9:49 pm

Re: Prevent internet traffic from passing through VPN

Post by baldowl » Fri Mar 04, 2016 10:11 pm

Just wondering...

Is there no way of customizing the routes via some sort of config file? I routinely do this in OpenVN, but I find SoftEther much nicer to use and wish I could just do a "set it and forget it" config there for my custom routes.

Basically, I just want to route to specific addresses on the other side of the world via the VPN while sending the bulk of my traffic over my local ISP. I don't want that VPN bandwidth swamped by stuff I can get much faster by a direct Internet connection

I am currently manually altering the routing each time via a batch file run as an admin user, but it seems a bit kludgy.

qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Prevent internet traffic from passing through VPN

Post by qupfer » Sat Mar 05, 2016 10:46 am

baldowl wrote:
> Just wondering...
>
> Is there no way of customizing the routes via some sort of config file?

SofEther is a Layer2 VPN (like openvpn in tap-mode). You can imagine it like a virtual wire between two virtual interfaces. Thats all. And now you have to configure it, like you have two "real" interfaces.
OpenVPN use some configuration parameters to create the needed "route" commands, but these are not directly related to the VPN. Just "comfort"

baldowl
Posts: 3
Joined: Fri Mar 04, 2016 9:49 pm

Re: Prevent internet traffic from passing through VPN

Post by baldowl » Sat Mar 05, 2016 11:29 am

Thank you for the reply, and I take the point of your explanation.

But the problem I have with running a batch file manually is that if the connection to the VPN breaks then auto-reconnects, the routes I have set in the batch file are overwritten and the default route (manually reset by my batch file to my LAN-ISP gateway) is restored to the VPN gateway, so all traffic goes through the VPN again.

This doesn't happen when OpenVPN auto re-connects, presumably because it allows user-defined routes to be set from the client-side config file each time after the initial connection has been made, overriding the settings from the server.

Maybe I should study the SoftEther source and see if that gives me a clue, but that wouldn't help me solve the problem in Windows, since even if I could modify the source, I don't have the means to compile Windows programs from source (and don't particularly want to...)

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Prevent internet traffic from passing through VPN

Post by thisjun » Fri Apr 01, 2016 6:30 am

Please think the problem as real network.
I think there is some demon in your OS to set route automatically.

baldowl
Posts: 3
Joined: Fri Mar 04, 2016 9:49 pm

Re: Prevent internet traffic from passing through VPN

Post by baldowl » Fri Apr 08, 2016 9:04 am

Just to clarify. The OP's problem, like mine, was specifically to do with using the SoftEther *client* (as distinct from using the OpenVPN client or the L2TP clients to connect to VPNGate servers). So changes to the local L2TP client aren't relevant.

I have now, reluctantly, abandoned using the SoftEther client when connecting to VPNGate servers and reverted to the openVPN client to access those servers, so my issue is no longer important.

For my specific case (which is in essentials the same as the OPs but in a different context), I need a client that will BOTH let me override any routes pushed from the server during the connection and substitute my own customized routing table to use the VPN for only a limited subset of destination networks, AND, crucially, will retain or automatically restablish my customized routing table across interruptions and consequent automatic reconnects. It's that second condition that the SoftEther client fails to meet, and which the developers seem to think it's no business of a client to provide when a user or some OS demon can manage it themselves.

My point was that, like the OP, I have no problem with running a script to set up my custom routing when the SoftEther client first connects, but I find that whenever there's an automatic reconnect, the server-pushed routes are silently restored, with no "hook" to alert the user to the need to re-run the route customization script.

Contrast this with the OpenVPN client, where the client config provides not only for overriding server-pushed routes with user-defined routes from the client config file itself, but also restores those user-defined routes if an unintended disconnect and auto-reconnect takes place. Additionally, the OpenVPN client config allows for specifying user-supplied scripts to be run on a series of events, including re-connect as well as connect and disconnect. As far as I can see, the SoftEther client lacks a parallel facility.

I take the point that a physical run of cable lacks those features, too, but then all other implementations of a VPN client that I know regard those features as necessary and provide them in one way or another. And for my use-case, they are absolutely indispensible.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Prevent internet traffic from passing through VPN

Post by thisjun » Wed Nov 09, 2016 8:16 am

If you need some routing over VPN, please add such routes or pushing static route from DHCP server.

Post Reply