I have recently set up a VPN server at our organisation, which has a small number of users, and have since tried a number of configuration options to allow the clients both internet access and local network access through the connection.
Here are the current settings:
- Platform: Windows 2008 Server (using RRAS).
- Server address: 10.14.72.200
- Our network range is 10.14.72.0 to 10.14.72.255; currently using ranges 10.14.72.203 to 10.14.72.255 for VPN via the static pool.
- NIC adapter settings on the server (only one): 255.255.255.0 subnet; IP 10.14.72.200; DNS1 10.14.72.1 (router); DNS2 10.14.72.200 (local server with DNS).
Using the static pool disallows users from browsing the internet through the connection, with clients not being issued a default gateway (but they do get 4 DNS servers, two of which are external, and two of which are internal - 10.17.42.1 & .200); they are ordered external to internal.
I do not want to use the option of "use default gateway on remote host" for security reasons. Nor do I want to install a proxy server on the network or use variations of RDP.
At the moment I can only seem to get one option or another - when not using the static pool I am able to access the internet but have no local access with this turned on.
How can I route all internet traffic (i.e., anything outside of the 10.14.72.x range) through an internet gateway (such as our router, 10.14.72.1)?