Creating a route automatically when a VPN tunnel is established in Windows 7

Note: you will need to understand subnets and routing to use this article

If you create a VPN tunnel in Windows 7 and need to have subsidiary routes created once this tunnel is created, then one way of doing this is by creating a scheduled task that fires when this connection is made. For example:

If I work from home, and use the Microsoft Windows VPN client to connect to the office, and need to connect to other networks but *do not* want the default route set to the VPN gateway, then how do I do this? You might need to do this if:

  • You need to access other subnets at work – e.g. DMZ, other offices
  • Partner or third party sites that are only available via the Office subnet

Note you cannot use a persistent route, because the routing table is built before the VPN adaptor is present, so will not function correctly (i.e. route –p will not work).

So... how do you do it? The magic steps are:

  1. Start Task Scheduler
  2. Open the Task Scheduler Library – Microsoft / Windows / RAS
  3. Right click in the right hand pane, create new task
  4. Description: Add route on VPN
  5. Triggers
    1. Begin the task on an event (Basic)
    2. Log: Application log
    3. Source: RasClient
    4. EventID: 20225
    5. Task: enabled
    6. Actions:
      1. Start a program
      2. Program: “route”
      3. Arguments: “A.B.C.D mask xxx.yyy.zzz.000 E.F.G.H” e.g. “192.168.0.0 mask 255.255.0.0 192.168.0.1” will establish a route to all 192.168 networks via the specified gateway.
      4. Conditions:
        1. Star the task only if the computer is on AC Power (**NOT TICKED**)
        2. Start only if the following connection is available: “MyVPN”
        3. Save… test

When you establish a VPN connection you should see a momentary command prompt open and close very quickly. If you check the routes… “route print” you’ll see your beautiful new route is established. When you disconnect the VPN the route will automatically be destroyed.

If you wanted you could also write a batch file to add multiple routes and execute this instead.

Lastly another way of doing this is creating a batch file that first runs the rasdial command, and secondly the route add command. This has the advantage that you can then bind a keyboard shortcut to it, so that hitting Ctrl-shift-alt-V or similar will run your batch file.

0
Handling ShadowProtect and file systems with high-...
Preventing Shadow Protect from running over a dial...

Comments

 
No comments made yet. Be the first to submit a comment
Mobile Version | Desktop Version