Problem solve Get help with specific problems with your technologies, process and projects.

Cannot connect to Internet or local network while on the VPN

I have what I think is probably a very individual VPN problem that I cannot seem to solve. I am using a Nortel Contivity V04 15.14 to connect to a corporate network. When using this VPN, it effectively locks me out of connecting to anything but the host, which is pretty standard stuff as far as I can tell. I cannot use the Internet or access my local network.

The company told me if I installed a second network card in the computer (which I did) and since I am running Windows...

XP Pro that I would be able to then use this second card as my connection to my local network. Both cards have their own IP addresses, and both are hooked through a hub and router to a cable modem. However, it appears that when I try to use the network services or Internet they still go to the VPN client and that doesn't solve my problem.

My company says it could be a router issue because it should be working (I use a DLink DI-808HV) DLink tells me their router supports this type of feature. I have been going around in circles on this one. Is there some configuration I am missing? Either on the local computer or router? Am I getting bad info and this is not even possible? I am nearly at the end of my rope and any help would be appreciated.

You problem is fairly easy to resolve if you have administrative access to the remote VPN server you are connecting to or are able to communicate with its administrator so he can resolve it for you.

In almost every VPN server, there's an option in the client configuration section usually named "Split Tunneling Policy," where you're able to either tunnel everything on the client's side to go through the VPN or specify a preconfigured network list.

The preconfigured network list is built by the administrator and contains all the networks behind the VPN server that the remote client should be able to connect to. These networks are then added in the client's routing table as soon he connects to the VPN. If no such list exist, then the solution is to push everything ( through the VPN tunnel, which is what seems to be happening in your case.

You'll also be able to view this if you type "route print" on your command prompt before and after connecting to the VPN server.

In closing, let me point out that this problem is at the VPN server side, not your router or PC. When a VPN client connects to a VPN server, all configured parameters are pushed to the client, whether he likes it or not!


This was last published in June 2005

Dig Deeper on Network Access Control