Don't route general internet traffic

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
rp-approvedfood
Posts: 3
Joined: Mon Mar 21, 2022 1:31 pm

Don't route general internet traffic

Post by rp-approvedfood » Wed Mar 23, 2022 1:35 pm

Hello

As per the title, I would like to know how to configure SE so that when a connection is established, the client does NOT send its general internet traffic down the VPN.

On the old Windows VPN client, it was as straight forward as unticking a box in the Network adapter properties > Advanced etc but I can't seem to find an option either in the SE client or OpenVPN client (which my Mac users use).

Thanks for any suggestions or help, I have consulted the almighty Google but there wasn't anything that seemed relevant to my configuration.

nobody12
Posts: 139
Joined: Sat Feb 13, 2021 10:22 pm

Re: Don't route general internet traffic

Post by nobody12 » Wed Mar 23, 2022 6:33 pm

you have the following options when using windos 10 with the SE native client:
if you use the secure-nat feature, in the dhcp options of the secure-nat subnet, dont set a default route.
if you use the default settings of Softether:
open the network adapter properties on the client, tcp-ipv4, anvanced settings:
make sure that the automatic metric checkbox is not selected. Enter a large value like 500 as the metric value
in the settings of the VPN client: advanced settings: check "no adjustment of routing table"

Regarding openVPN:
you have to build an openVPN config file (for the client) which will not set a default route:
like:
route-nopull
route 192.168.10.0 255.255.255.0

if 192.168.10.0 is the network behind the VPN with a 24bit netmask, the Route-nopull statment should make the client ignore routes (including the default route) which are pushed by the server.

Post Reply