Setting VPN to go through certain IPs and not others
Solution 1
Go into:
- Control Panel -> Network Connections -> find your VPN connection
- Right-click it and select properties.
- Find the TCP/IP settings and then the 'advanced' settings pane.
- Untick 'use default gateway on remote network'
Solution 2
The CheckPoint VPN client should be doing split tunneling by default, that is, there will be a route (you can run print route
to see what I mean) that directs all traffic destined to the 10.0 subnet to your VPN interface/gateway. If it isn't then you can uncheck it:
right-click Systray icon > Settings > Properties of your profile > Advanced tab > "Route all traffic through gateway" or something like that and uncheck it.
What this means is that you shouldn't have any problems getting to your webserver by IP but perhaps the CheckPoint is changing your DNS settings? Do you have a DNS server running? i.e. do you normally access your webserver via IP (http://192.168.0.42) or DNS?
Related videos on Youtube
sal
Updated on September 17, 2022Comments
-
sal over 1 year
I'm a scientific programmer with a loose grasp of what goes on under the hood in my small home network so bear with me whilst I try and explain using the correct words if possible.
My home network of five PCs (Windows 7, Vista, 2003, 2 x XP) uses the
192.168.0.0
range of IP addresses. My ADSL router is192.168.0.1
and is set to do DHCP and all that good stuff. So far, so good. Most importantly I can connect to my local web server on192.168.0.42
.I frequently have to connect up to a client's VPN using Checkpoint SecureClient. When I do so I'm given a
10.something
IP address on the 'virtual' network card.If I'm connected to the VPN I can no longer connect to my
192.168.0.42
web server.How can I tell my PCs to only go via the VPN for anything beginning
10.*
and to stay 'local' for everything else?(below added following Chris Thorpe's answer)
BTW I don't see the VPN connection under Control Panel. I just see my physical NIC. Here's what I see running
ipconfig
, if that helps:Ethernet adapter Local Area Connection* 6: Connection-specific DNS Suffix . : <removed for security!> IPv4 Address. . . . . . . . . . . : 10.14.2.130 Subnet Mask . . . . . . . . . . . : 255.255.255.128 Default Gateway . . . . . . . . . : Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 192.168.0.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1
(another edit following gravyface's response)
A route print gives 50+ lines of routing info. Here's some lines if that helps...
=========================================================================== Interface List 11 ...54 ec 6d 95 66 05 ...... Check Point Virtual Network Adapter For SecureClient 8 ...00 19 d1 6a 79 cb ...... Intel(R) 82566DC Gigabit Network Connection 1 ........................... Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 10 10.0.2.0 255.255.255.0 10.14.2.129 10.14.2.130 1 10.1.0.0 255.255.0.0 10.14.2.129 10.14.2.130 1 10.2.0.0 255.254.0.0 10.14.2.129 10.14.2.130 1 10.4.0.0 255.255.0.0 10.14.2.129 10.14.2.130 1 <lots of 10.* removed> <some seemingly random IP addresses removed until we get to the 192.168 > 192.168.0.0 255.255.255.0 On-link 192.168.0.101 266 192.168.0.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.0.101 255.255.255.255 On-link 192.168.0.101 266 192.168.0.101 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.0.255 255.255.255.255 On-link 192.168.0.101 266 192.168.0.255 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.4.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.16.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.64.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.67.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.120.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.125.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.140.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.150.0 255.255.255.0 10.14.2.129 10.14.2.130 1 192.168.250.3 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.250.8 255.255.255.254 10.14.2.129 10.14.2.130 1 192.168.253.1 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.253.2 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.254.3 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.254.8 255.255.255.254 10.14.2.129 10.14.2.130 1 192.168.254.10 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.255.1 255.255.255.255 10.14.2.129 10.14.2.130 1 192.168.255.2 255.255.255.255 10.14.2.129 10.14.2.130 1 <some other non 192.168* removed> 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.14.2.130 256 255.255.255.255 255.255.255.255 On-link 192.168.0.101 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: None