Set-VpnConnection – Name “TEST” -Split Tunnelling $True -PassThru -ThirdPartyVPN

Question

1.94K viewsMay 4, 2023Windows Userssplit-tunnel vpn windows-10

1

HAL 5.94K March 25, 2022 0 Comments

I have enabled split tunneling on the “TEST” VPN connection using the command “Set-VpnConnection -Name "TEST" -SplitTunneling $True -PassThru -ThirdPartyVpn” so that I can access the internet while connected to the VPN. The results are as follows:

Name                  : TEST
ServerAddress         : https://test.test.com
Guid                  : {50DD97B3-E0F3-12ED-9F42-BE66495E28C5}
ConnectionStatus      : Disconnected
RememberCredential    : True
SplitTunneling        : True
DnsSuffix             : 
IdleDisconnectSeconds : 0
PlugInApplicationID   : FortinetInc.FortiClient_45ggfgfgfj
CustomConfiguration   : #document

However, I am unable to connect to the internet despite having split tunneling enabled. How can

I resolve this issue?

Askify Moderator Edited question May 4, 2023

3 Answers

Sorted by:

score 0 · Answer 1 · 2023-05-04T20:45:29+00:00

Introduction

Virtual Private Networks (VPNs) are an essential tool for remote workers to access company resources securely. A VPN connection encrypts the network traffic between the user’s device and the company network, making it difficult for attackers to intercept the data. Split tunneling is a feature that allows users to access the internet directly while connected to the VPN, rather than routing all traffic through the VPN. This feature can improve network performance and reduce the load on the VPN server. However, sometimes users may face issues when trying to access the internet while connected to the VPN. In this blog post, we will explore how to troubleshoot split tunneling issues in a VPN connection.

Check the VPN Configuration

The first step to troubleshoot split tunneling issues is to check the VPN configuration. Ensure that split tunneling is enabled on the VPN connection. In Windows, you can use the PowerShell command “Get-VpnConnection” to view the VPN connection properties. Look for the “SplitTunneling” property, and ensure that it is set to “True”. If split tunneling is not enabled, you can enable it using the PowerShell command “Set-VpnConnection” with the “-SplitTunneling $True” option.

Another aspect to check is the DNS configuration. When split tunneling is enabled, the DNS queries for internet resources should be resolved by the local DNS server, rather than the VPN DNS server. Ensure that the VPN configuration does not override the local DNS settings. You can check the DNS configuration using the “ipconfig /all” command in the command prompt. Look for the DNS servers listed under the VPN adapter and ensure that they are not used for internet queries.

Check the Firewall Configuration

Firewalls can also cause split tunneling issues in VPN connections. If the firewall blocks the internet traffic, users will not be able to access the internet while connected to the VPN. Check the firewall rules to ensure that they allow internet traffic for the VPN adapter. You can also try disabling the firewall temporarily to see if it resolves the issue. If the issue is resolved, you can create a firewall rule to allow the internet traffic for the VPN adapter.

Check the Routing Table

Routing tables determine the path that network traffic takes between the source and destination. When split tunneling is enabled, the routing table should include a route for the internet traffic to be sent directly to the internet gateway, rather than through the VPN tunnel. Check the routing table using the “route print” command in the command prompt. Look for the route with the destination “0.0.0.0” and ensure that it has the correct gateway and interface. If the route is missing, you can add it using the “route add” command with the “-p” option to make it persistent.

Check the VPN Client Software

VPN client software can also cause split tunneling issues. Some VPN clients may override the local DNS settings or routing tables, even when split tunneling is enabled. Check the VPN client software settings to ensure that it does not interfere with the split tunneling configuration. You can also try using a different VPN client software to see if it resolves the issue.

Check the Internet Connection

Finally, check the internet connection to ensure that it is working correctly. Sometimes, the issue may not be related to the VPN or split tunneling, but rather a network or internet connectivity issue. Try accessing the internet from a different device on the same network to see if it works. You can also try connecting to a different network to see if the issue persists.

Conclusion

Split tunneling is a useful feature in VPN connections that can improve network performance and reduce the load on the VPN server. However, sometimes users may face issues when trying to access the internet while connected to the VPN. In this blog post, we have explored how to troubleshoot split tunneling issues in a VPN connection. By checking the VPN configuration, firewall configuration, routing table, VPN client software, and internet connection, you can identify and resolve the issue.

score 0 · Answer 2 · 2023-01-17T21:18:00+00:00

There are a few potential reasons for why you may be unable to connect to the internet despite having split tunneling enabled. Some possible causes include:

Incorrect VPN server address or credentials
Firewall or antivirus software blocking the VPN connection
Network configuration issues
Misconfigured VPN settings on the server side

You can try the following steps to troubleshoot the issue:

Verify that the VPN server address and credentials are correct
Disable any firewall or antivirus software temporarily to see if that resolves the issue
Check your network settings and ensure that the VPN connection is set as the default gateway
Contact the VPN administrator to verify that the VPN settings are configured correctly on the server side.

If the issue persist, please update me with the error message you are getting and the Operating System you are using.

score 0 · Answer 3 · 2022-03-25T11:48:48+00:00

Split tunneling may not work on your VPN client due to a few reasons such as the VPN server not allowing split tunneling, or the VPN server pushing routes to the client upon each connection. This could also happen if the VPN server has policies in place to monitor changes in the active VPN session routing table and if a change occurs, it pushes the routes back to the client or disconnects the VPN session.

If you are unable to get split tunneling to work and you do not personally administer the VPN server, it is suggested to reach out to the VPN server administrator and inquire about this functionality. This may be prohibited for security reasons or the administrator may consider it for further research and make it available in the future.

For Fortinet VPN clients, there is an option to control how dynamic routing changes affect active sessions. This can be done by editing the interface settings and configuring whether to preserve the original routing for the sessions or apply the routing table changes to the active sessions which may cause the destinations to change.