• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 501
  • Last Modified:

Bypass Site to Site VPN for internet access

Hello All,
I'm a bit rusty on my VPN routing skills and want to see if you can offer a suggestion.

Here is the setup:
We have a remote user in another state. We have a ZyXel VPN router setup to connect back to our main office. The user's phone and computer are both plugged into the router. Everything works as it should. The problem right now is that if the user wants to access the internet, all the traffic is traveling back to the main office and then back which makes it incredibly slow.

Is there an option within the Firewall and/or his computer (Windows 7 Pro) that would allow us to redirect internet traffic to bypass the VPN connection?

*** I would just off the site to site VPN in the router and have his computer connect to the VPN whenever it needed to BUT - the phone needs to have the VPN site to site connection.

ZyXel VFG6005N VPN Router

Thanks in advance!
0
rheide
Asked:
rheide
  • 3
  • 2
  • 2
  • +1
1 Solution
 
Axis52401Security AnalystCommented:
In the VPN properties, in network settings, ipv4, and advanced there is a check box for use default gateway on remote network. Uncheck that.
0
 
rheideAuthor Commented:
Jason0923 - are you referring to the Firewall VPN settings? I'm having a hard time finding that (but I'll keep looking). It sounds more like you are talking about Windows network settings but there are no VPN settings in Windows since the firewall is handling all the VPN site to site traffic.

Let me know if I'm misunderstanding you!
0
 
Skyler KincaidNetwork/Systems EngineerCommented:
I have only worked with SonicWalls but what you are looking for is a "Tunnel All" option that should be disabled. This allows only request for the local subnets to be passed through the VPN but anything outside of the local network to bypass the VPN.

The DNS request may still come through the VPN but the traffic should go out over the internet connection.
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
InfamusCommented:
It is called split tunnel and you should enable that on xytel.
0
 
Skyler KincaidNetwork/Systems EngineerCommented:
Infamus is correct. Thanks for reminding me for the term I was looking for.
0
 
rheideAuthor Commented:
Guys,
Thank you for all the help so far. I'm having a hard time finding this option. Not sure if it is because it doesn't exist or if I just can't find it. I'm attaching the VPN connection info - would you expect it to be here?

** I changed the IP address and also have the "Advanced Options" check mark checked so you can see everything.

Thanks!
VPN-screen.jpg
0
 
InfamusCommented:
I would call them and ask where you can enable it.

Support Email
support@zyxel.com
Toll-Free1-800-978-7222 Website
www.us.zyxel.com 
Postal mail
ZyXEL Communications Inc. 1130 N. Miller Street, Anaheim, CA 92806-2001 U.S.A.
0
 
rheideAuthor Commented:
Does anyone have a favorite sub $400 VPN Firewall/Router that they can recommend that allows regular internet traffic to go out the WAN vs. over the VPN back to the main office?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now