Multiple connections with VPN needed

Posted on 2002-06-13
Last Modified: 2010-04-11
Okay, I've seen parts of this posted in other questions but havent been able to put it all together.

I havea cable modem that Im connected to thru a linksys router (dont think thats part of it thou). I have set up a VPN to get into a clients machine. When I connect to the VPN network my normal interent connection is lost. The moment I disconnect from VPN it is restored.

How can I have both? I want to be able to get to lotus notes, email, etc will in the VPN. How can I share?

I have WIn2k.

Question by:Oshrin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 63

Expert Comment

ID: 7076005
Here are some relevant comments from a similar Q.

From: mbruner  Date: 06/13/2002 08:25AM PST  
The reason your tracert shows your traffic going through your works Internet connection is that your
VPN has been setup to not allow split tunnelling.  It is done to help insure that someone doesn't bring
unauthorized traffic into the company network through an unsecured Internet connection.  Manually changing
your default gateway could cause your VPN connection to quit functioning or not establish at all.

The first thing to do should be to briefly try playing with your Outlook Express account settings.  
The "550 Relaying to <whoever> prohibited" typically means that your email server requires you to log
in before it will send email for you.  Here is a link to a very brief Q article on Microsoft's web-site
explaining the steps to get this working:;EN-US;Q197869&LN=EN-US&rnk=1&SD=tech&FR=0&qry=relaying%20prohibited&src=DHCS_MSPSS_tech_SRCH&SPR=OEX&

There are some ISP's out there that require their email users to access their accounts from a machine
using the ISP's IP address range.  If your VPN connection doesn't allow split tunnelling, then you will
be trying to attach to your email server using your works IP address and not the one the ISP assigned
to you.  This is likely the cause of your problem.  If so, then there isn't a lot you can do other than
disconnect from your VPN session and check your mail.  

I once saw some weird relaying errors with an email server that was caused by the client machine's Internet
domain name being different than what it expected.  It may be possible for a VPN connection to change
your machines Internet domain name (e.g. when setting up system parameters for
the VPN connection.  If the above steps don't would, you could try manually setting your Internet domain
name on your PC.  This typically overrides settings provided by DHCP.  Please note that I have only
seen this once, and I can't remember what email server they were running, so this suggestion is a major
shot in the dark.

My last suggestion would be to call your email provider, or the software company that wrote your email
server.  It is very likely that they have seen this before and could probably have you working in a
matter of minutes.

Hope it helps.  Good luck!  
From: mbruner  Date: 06/13/2002 08:33AM PST  
Also, to better answer if there is a way around the VPN connection's no-split tunnelling requirement,
it depends on your VPN connection.  If your work uses an enterprise level VPN server / concentrator,
then you probably can't get around it.  You can try changing your default gateway, but I really doubt
it will help.

You could alway try calling your works Network or Security Admins to see if you would allow you to do
split tunnelling.  Don't get your hopes up, but you never know...  


I hope this helps !

LVL 63

Accepted Solution

SysExpert earned 200 total points
ID: 7076018
More info :

From: tmirra
 When connecting thru a VPN is the user able to terminate the VPN client software and still have access    to the internet thru the ISP? Also, and this is more of a legal question but I want to know how other   companies are dealing with this. If the answer to the first part of my question is yes. Then can my     company be held liable for what someone does on the internet, i.e. download pornography? How are other    companies handling this.
 From: lrmoore            Date: 04/23/2001 06:10PM PST
     Yes. It is called "split tunneling". The simplest way to do it is to un-check the box to "use default gateway on remote network" from the TCP/IP settings when setting up the MSoft VPN (PPTP) client. Other    client software has other methods.

    >can my company be held liable for what someone does on the internet
  Not if you are not providing them Internet access through your corporate Internet connection, but they   are using a dial-up ISP account.
  If you do allow them access, then you should monitor the traffic and immediately fire anyone caught        violating company policies. Having a written policy is the biggest thing you can do to protect yourself.     Create an Internet Usage policy, and have everyone sign a statement to the effect that they have read    and understand..
  From: lrmoore        Date: 04/23/2001 06:41PM PST
   Not exactly, split-tunneling is where I first open a dial-up (or broadband) connection to the Internet,
     then open a second connection with the VPN client. Any traffic destined to/from the corporate network
       travels through the VPN, but all other normal web traffic bypasses the VPN and goes straight out through
         the ISP. If I don't enable split-tunneling, then when I make the VPN connection, ALL traffic tries to
        go through the tunnel and I will only be able to access the Internet sites allowed by the corporate
         policies enforced by firewalls, proxies, etc.
   Here is some information from several different vendors.

I hope this helps !

Author Comment

ID: 7076617
This is the part that worked for simple!


Yes. It is called "split tunneling". The simplest way to do it is to un-check the box to "use default
                   gateway on remote network" from the TCP/IP settings when setting up the MSoft VPN (PPTP) client. Other
                      client software has other methods.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question