[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Automatic VPN routes configuration for PPTP in Windows 7/8

Published on
30,341 Points
7 Endorsements
Last Modified:

Prerequisites for this article

To read this article you should understand the following concepts:
- routing
- network and netmask
- DNS server IP
- configuring PPTP VPN on Windows 7/8

The Problem

Suppose we have a PC with Windows 8 (or Windows 7) and we have administrator privileges on it. Now we decided to connect to our workplace with PPTP (server is already configured on remote site and it's configuration is not covered by this article).

Once we have configured our VPN connection we can see that there are only 2 options to configure IP networks going to VPN tunnel:

1) Use VPN as a default gateway (all packets go to VPN)
2) Use VPN with only one route to the network, based on peer's PPTP internal IP address (say if we connected to remote peer with VPN address, we route all network there).

What if we want to route more than one specific networks to VPN and everything else to our default internet gateway?

A special software exists to perform this kind of tasks, that is called 'Connection Manager' (CM). But this article is not about 3rd party CMs.

All we want is configure custom routes, going to VPN, with native Windows 7/8 tools, which will be automatically enabled once you connect to remote site (and they will be automatically removed, once you bring the VPN connection down, this is a default Windows behavior).


I assume you already have a configured PPTP connection. In my example VPN connection name is 'FarPost VPN'. Remember it, I will use it in many places. Replace it with the name of your VPN connection.

Suppose we wish to route only the following networks to the VPN:

Also we want to use DNS servers from the VPN (their addresses should be in one of the above routable networks). Our DNS servers will be and

- Run 'cmd.exe' as Administrator.
  Press Windows-F, find Files -> 'cmd.exe', right click and select 'Run as Administrator'

- Create a directory for your scripts. I will name it 'FarpostVPN' (run this command in cmd.exe):
mkdir C:\ProgramData\Microsoft\Network\Connections\Cm\FarpostVPN
cd C:\ProgramData\Microsoft\Network\Connections\Cm\FarpostVPN

Open in new window

- Create a custom 'route add' script (also run from cmd.exe):
notepad routes.netsh

Open in new window

and here is content of our 'routes.netsh' (don't forget to replace 'FarPost VPN' with your real connection name):
interface ipv4
add route prefix= interface="FarPost VPN" store=active
add route prefix= interface="FarPost VPN" store=active

Open in new window

save this script to C:\ProgramData\Microsoft\Network\Connections\Cm\FarpostVPN

- Now connect to your VPN (this is a trick to locate correct windows Event), if you are not already connected

- Run Windows event viewer (from cmd.exe run):

Open in new window

and locate the latest 'Informational' event here: Windows Logs -> Applications and Services Logs -> Microsoft -> Windows -> Network Profile -> Operational (log name) -> 10000 (event ID).
In my case the event looks like:
Network Connected
      Name: FarPost VPN
      Desc: FarPost VPN
      Type: Unmanaged
      State: Connected
      Category: Public

- Right click on this event and select 'Attach Task To this Event'
Now you know what to do, no?
Assign any name and add meaningful description (say "add routes to FarPost VPN")

- Press Next (you will be on 'When The Event is Logged' dialog)
- Press Next again
Select 'Start a program' and press 'Next'
- on 'Start a program' dialog enter:

Open in new window

Add arguments:  

exec routes.netsh

Open in new window

Start in:


Open in new window

press Next
- on 'Finish' dialog check the 'Open the properties dialog when I click Finish'
press Finish

- on Task properties dialog change the following:
General tab:
- check 'Run with highest privileges'
- configure for: (select Windows 8 or Vista)
Conditions tab:
- uncheck 'Start the task only if computer runs on AC power'
- Start only if the following network connection is available: select your VPN connection
press OK, your task is ready

- if you missed your task properties, in cmd.exe you can run:

Open in new window

and locate your task here:
Task Scheduler Library -> Event Viewer Tasks
here you can also 'Enable All Tasks History' and see when and what codes your task executed in 'History' tab

- close 'cmd.exe'

- now configure custom DNS servers on your VPN connection
right click on your VPN connection
select 'Properties'
'Networking' tab -> select 'Internet Protocol Version 4' -> Properties
select 'Use the following DNS server addresses':
enter Preferred DNS and Alternative server IP (your internal VPN server address, in my example it is and
press 'OK' and you are done

- now every time you connect to your VPN server, routes should be added automatically

Artyom A. Konovalenko

Featured Post

Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Join & Write a Comment

The goal of this Micro Tutorial is to help navigate beginning users with the app store on Windows 8. It will explain exciting features how to maximize your PC through these apps. This will be demonstrated using Windows 8 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month