IP routing over VPN

Posted on 2006-05-26
Last Modified: 2010-04-12
Hi All,
A small problem that hopefully you can help with.

I work from a home network with an IP address range of but a server on
I connect to a number of remote offices via a software VPN link to a hardware VPN router in the offices and am given an IP address of for the VPN link.  

All the offices have a server with an IP address of the problem is when I try to remote desktop to the servers in the remote offices by IP address (  I  obviously can only connect to the server on my local network.  So my question is how can I connect to any of the remote servers.  Unfortunately changing any of the IP addresses isn't an option.

I'm thinking along the lines of forcing my laptop to route any requests to the address through the vpn connection when it is available?

Any ideas greatly received.

Question by:Eden-IT
    LVL 79

    Expert Comment

    I would highly suggest changing your home network subnet. There are very few options for you.
    What VPn client do you use? If Cisco, then you have ZERO capability to affect the routing from the client end.
    This is the problem with 1/2 the people in the world using 192.168.1.x


    Author Comment

    I'm using the windows software vpn clinet.
    Changing the subnet is not a starter as I also need to access each of the office when I am at any of the offices (if that makes sense!).  Changing the subnet at the offices would be a massive job and isn't going to happen!
    LVL 79

    Expert Comment

    Looks like we have ourselves painted into a corner . . .
    It's still a basic routing issue.
    The NIC has a local IP of
    The VPN client has a local IP of 192.168.1.xx
    The server (every one of them) is
    As far as the NIC is concerned, is local - always and forever. It won't/can't forward that through any gateway.
    There's a little thing called ARP and ARP cache that caches the mac-IP mapping. Even if you clear the arp cache, the first time you try to access, the first reponse to an arp request (who has ? what is your MAC address?) will always be the local server because it's an arp broadcast.
    Only because you are using Microsoft client -- you *could* try a route entry and see what happens, your mileage may vary, nothing guaranteed:
      C:\>route add mask

    Author Comment

    I'll give it a try next week, thanks so far.

    LVL 77

    Expert Comment

    by:Rob Williams
    Though not recommended practice, and may not work, if you are using the Windows VPN client, make sure the "use default gateway on remote network" is checked on the virtual adapter. To locate:
    Control panel | network connections | right click on the virtual adapter choose properties | networking TCP/IP properties | Advanced | General | "use default gateway on remote network"

    This is usually enabled by default and having it enabled will not allow you to connect to any local resources, but it does force all traffic to the remote network, and usually works in this situation.
    LVL 11

    Accepted Solution

    Probably the easiest thing to implement since its windows is to assign a pool of addresses on each VPN connection in a different Ip address range ie office a 192.168.2.x  , office b 192.168.3.x  and then assign a secondary address to the network adapter of each server to that pool range.

    Change your home network..

    As far as a major job to reip each network its probably a good strategic plan to do so because you will end up doing it when the sites all want to be interconnected  .. because routing will not work properly when you have it configured like that

    Author Comment

    Thanks for the responses, I will try both options this week and then responde.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Suggested Solutions

    Title # Comments Views Activity
    TCP Connection Established 14 54
    Cisco 2921 WIC card 2 35
    VPN Shared folder Access 3 39
    Mac OS 10.12 + VPN 17 92
    Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
    Let’s list some of the technologies that enable smooth teleworking. 
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now