
Use Local network to access internet when VPN is connected

I recently worked from home a few times using the company VPN. Once connected to the VPN, I remote desktop to the computer in my office to work. The VPN speed is unstable, sometimes slow, sometimes all right. I would like only remote desktop to go through the VPN, with all other internet access going through my local network. There are problems on both macOS and Windows, and the problems are different.

I first tried on macOS. I have El Capitan, which is not the latest release (Sierra).

The connection to the VPN is totally fine. But after connecting, I still couldn’t access my remote desktop. I couldn’t even ping my PC in the office.

I checked my VPN IP address and found that it’s different from my office LAN IP. The VPN adapter has an IP address of 172.16.1.118, but my office computer has an IP address of 192.168.0.50. But this wasn’t the problem. If you are trying to fix your VPN IP, stop it.

I checked my routing table with the command netstat -nr and noticed that there was no route to the VPN network.

I then added a static route manually using the following command:

sudo route -n add 192.168.0.0/24 172.16.1.1

This did the trick for me.

Now I can remote desktop to my office PC, and my local network is used to access the internet.

On Windows 10, it’s a different situation. Setting up the VPN connection on Windows 10 is straightforward. Windows can detect the VPN protocol type, so you don’t have to enter it if you don’t know it.

Once connected, I could remote into my office computer without any problem. But my internet became very slow, as all my traffic went through the VPN. I found this out with a trace route.

And interestingly, there are two default routes. Obviously, the second one is used.

This is not what I want. I need to change my routing table to route all other traffic (outside the 192.168.0.1 – 192.168.0.254 range) to my local gateway.

I did this by using the following commands:

route delete 0.0.0.0

route add 192.168.0.0 mask 255.255.255.0 172.16.1.118

route add 0.0.0.0 mask 0.0.0.0 172.16.1.118

In theory, the above commands should resolve the problem. But they didn’t. I couldn’t access the internet at all anymore. I could still access the VPN network.

The default route was not working.

Now my routing table looked like:

The routing table is perfect, but it didn’t work as expected.

One more trick is to disable “Use default gateway on remote network”.

You need to do this for both IPv4 and IPv6.

Once this is done, reconnect to the VPN. This time, your routing table will not be changed by the VPN.

But the behavior will become the same as on macOS. I couldn’t access my office network by default. I needed to add a static route to access my office network.

I ran these commands again:

route add 192.168.0.0 mask 255.255.255.0 172.16.1.118

route add 0.0.0.0 mask 0.0.0.0 172.16.1.118

Now, all done. I can access my office PC through remote desktop. And all my other traffic to the internet will still go through my local network.
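To check which gateway a destination will actually use before and after these changes, here is an added example (not part of the original post) that applies the usual route selection rule, longest prefix first and then lowest metric, to two constructed routing tables. The home gateway 10.0.0.1, the home LAN 10.0.0.0/24, the test address 203.0.113.10 and all metrics are assumptions; the VPN and office addresses are the ones from the post.

```python
import ipaddress

# Constructed routing tables: (destination, gateway, metric).
# Home gateway 10.0.0.1 and every metric are assumptions for illustration.
FULL_TUNNEL = [
    ("0.0.0.0/0", "10.0.0.1", 35),          # home default route
    ("0.0.0.0/0", "172.16.1.118", 25),      # second default route added by the VPN
    ("10.0.0.0/24", "on-link", 35),         # home LAN
]
SPLIT_TUNNEL = [
    ("0.0.0.0/0", "10.0.0.1", 35),          # only the home default route remains
    ("10.0.0.0/24", "on-link", 35),         # home LAN
    ("192.168.0.0/24", "172.16.1.118", 26), # static route to the office LAN
]


def pick_route(table, dest):
    """Return the gateway chosen for dest: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    candidates = []
    for network, gateway, metric in table:
        net = ipaddress.ip_network(network)
        if addr in net:
            # Negative prefix length so that min() prefers the most specific route.
            candidates.append((-net.prefixlen, metric, gateway))
    if not candidates:
        return None  # no matching route: destination unreachable
    return min(candidates)[2]


def check_split_tunnel(table, office_host, internet_host, vpn_gw, local_gw):
    """True only if office traffic uses the VPN and internet traffic does not."""
    return (pick_route(table, office_host) == vpn_gw
            and pick_route(table, internet_host) == local_gw)


if __name__ == "__main__":
    for name, table in (("full tunnel", FULL_TUNNEL), ("split tunnel", SPLIT_TUNNEL)):
        ok = check_split_tunnel(table, "192.168.0.50", "203.0.113.10",
                                "172.16.1.118", "10.0.0.1")
        print(name, "office via", pick_route(table, "192.168.0.50"),
              "| internet via", pick_route(table, "203.0.113.10"),
              "| split tunnel:", ok)
```

With the full-tunnel table both destinations leave through 172.16.1.118 because the VPN default route has the lower metric; with the split-tunnel table only 192.168.0.0/24 does.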
