Disable routing all traffic through VPN

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
doxymoron
Posts: 4
Joined: Fri Apr 04, 2014 2:27 pm

Disable routing all traffic through VPN

Post by doxymoron » Fri Apr 04, 2014 2:36 pm

Is there a way to disable routing all traffic through the VPN on the client side? Currently when I browse websites it routes through the VPN, also it prevents me from accessing certain local subnets on the client.

inten
Posts: 375
Joined: Fri Oct 18, 2013 8:15 am
Location: All around the world
Contact:

Re: Disable routing all traffic through VPN

Post by inten » Sat Apr 05, 2014 3:07 pm

You may remove gateway IP in the DHCP settings.
When you don't like the answer, change the question.
Cheers,
Team.

VPNHPanel.com
This account is not associated to SoftEther project.

doxymoron
Posts: 4
Joined: Fri Apr 04, 2014 2:27 pm

Re: Disable routing all traffic through VPN

Post by doxymoron » Mon Apr 07, 2014 1:45 pm

I don't have the Softether VPN software handing out IP addresses. My DHCP server on my local network does that, so I don't want to remove it. Others have suggested using the checkbox "No Adjustments of Routing Table" in the Softether VPN Client Manager, but this does not seem to fully work. For a while it will not route internet traffic through the VPN, then for no reason it will switch back and forth.

inten
Posts: 375
Joined: Fri Oct 18, 2013 8:15 am
Location: All around the world
Contact:

Re: Disable routing all traffic through VPN

Post by inten » Mon Apr 07, 2014 1:55 pm

What is wrong with "No Adjustments of Routing Table"?

doxymoron
Posts: 4
Joined: Fri Apr 04, 2014 2:27 pm

Re: Disable routing all traffic through VPN

Post by doxymoron » Mon Apr 07, 2014 2:25 pm

My understanding is that option should prevent a route being added to the VPN client machine to route all internet traffic through the VPN. It does not work correctly though. For example, on my client machine I go to whatismyip.com. Sometimes it will show the public IP of my client machine (correct). Sometimes it will show the public IP of my VPN machine (incorrect). While searching I found this post:

http://blog.boringit.com/2014/02/softet ... route.html

But even following his steps, I can't get it to stick. This post also has the same issue:

http://www.vpnusers.com/viewtopic.php?f ... ting#p5423

inten
Posts: 375
Joined: Fri Oct 18, 2013 8:15 am
Location: All around the world
Contact:

Re: Disable routing all traffic through VPN

Post by inten » Mon Apr 07, 2014 2:57 pm

OK.
My opinion is that "No Adjustments of Routing Table" works as intended.
When your DHCP server (doesn't matter if this is an SE or external server) sends out the requested information to the client it presents "GATEWAY" address. Client cannot ignore it because it has received it should consider further in its routing table.
In your case you should remove default gateway address from DHCP server reply. How? You to decide. It can be a reservation or anything else.

doxymoron
Posts: 4
Joined: Fri Apr 04, 2014 2:27 pm

Re: Disable routing all traffic through VPN

Post by doxymoron » Mon Apr 07, 2014 5:39 pm

Then it would be nice to have an option to allow this. I use OpenVPN AS, and my clients get their IP address from the same DHCP server, and they can be configured to not route ALL traffic through the VPN. Here is the route that SoftEther VPN adds without the checkbox for "No Adjustments of Routing Table":

Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.11.1 192.168.11.33 200

192.168.11.1 is the gateway of my local network the VPN is located on.

Here is with the box checked:

Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.11.1 192.168.11.33 200
0.0.0.0 0.0.0.0 192.168.207.1 192.168.207.87 266

This makes things quite messy, as sometimes it uses the VPN gateway, sometimes the local one.

OpenVPN has an option to allow routing all traffic through VPN or not to. When turned off only this route is added:

192.168.11.0 255.255.255.0 On-link 192.168.11.33 356

This way only traffic specifically going to the VPN network is routed through the VPN.

Rogerio.Saban
Posts: 2
Joined: Wed Apr 15, 2020 8:42 pm

Re: Disable routing all traffic through VPN

Post by Rogerio.Saban » Wed Apr 15, 2020 9:00 pm

inten wrote:
Sat Apr 05, 2014 3:07 pm
You may remove gateway IP in the DHCP settings.
Hi,
It works, but I lost the connection with any computer on the LAN behind the SoftEther.

I'm using AWS and I connect on SoftEther VPN.
When I've use the SoftEther gateway, I can access all computers behind the SoftEther Server, but I got the IP from AWS Network to navigate.
When I've disable the SoftEther gateway, I got my local IP to navigate, but I can't reach any computer behind the SoftEther server.

Could you help me ?

Thank you

Rogerio Saban

centeredki69
Posts: 309
Joined: Wed Sep 18, 2013 1:49 pm

Re: Disable routing all traffic through VPN

Post by centeredki69 » Wed Apr 15, 2020 10:48 pm

Rogerio Saban, Are you using secureNAT? If so create a static route to the remote network behind the SE-server. There is an option for this in SecureNAT configuration.

Example: Remote network behind the SE-server = 192.168.1.0/24

Static route
192.168.1.0/255.255.255.0/192.168.30.1

Rogerio.Saban
Posts: 2
Joined: Wed Apr 15, 2020 8:42 pm

Re: Disable routing all traffic through VPN

Post by Rogerio.Saban » Thu Apr 16, 2020 3:55 pm

Hi centeredki69,

It works fine, now I can connect on my entire AWS infra and browse the internet locally.

You're the best !!!!

I notice when I connect via RDP using the VPN, the connection is very slow.
When I connect directly via RDP, the connection works very fine.

I'll use about 30 VPN users and I'm concerned about performance

Is there any change that I have to do to improve the SoftEther VPN connection ?

Thank you !!!!

waleed
Posts: 2
Joined: Thu Jun 04, 2020 10:15 am

Re: Disable routing all traffic through VPN

Post by waleed » Thu Jun 04, 2020 10:19 am

Hi Rogerio Saban, Can you please tell exact steps? I am using sofether server in linux

waleed
Posts: 2
Joined: Thu Jun 04, 2020 10:15 am

Re: Disable routing all traffic through VPN

Post by waleed » Thu Jun 04, 2020 2:55 pm

Hi centeredki69,

Can you please elaborate the steps to accomplish this in linux Sofether VPN server? Thanks in advance.

Post Reply