2011-10-03

How to bypass a Virtual Private Network (VPN) (on Windows)

The situation:
  • Resources on a virtual private network I wish to access (proxy, file storage, servers only for insiders, ...);
  • Limited connectivity on the virtual private network;

The solution:
Part 1:
Some sites I've visited present a solution that is one of the required steps to solve the problem but, on its own, does nothing.

1-"Start", "Connect To", right click your VPN connection;
2-Select "Properties";
3-Select "Internet Protocol (TCP/IP)" and click "Properties";
4-Click "Advanced";
5-Untick "Use default gateway on remote network";

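With this option unticked, the VPN connection no longer becomes your default route, so only traffic for the VPN's own subnet goes through the tunnel. This should allow you to access every computer on the VPN within the subnet mask of 255.255.255.0 based on your IP inside the VPN (in my case 192.168.1.x).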

However, the resources I want to access are within another range of IPs which leads us to Part 2.

Part 2:
1-For example, let's suppose all the resources I want to access are within the range 193.136.0.0-193.137.255.254 (193.136.0.0 subnet mask 255.254.0.0);
2-After I connect to the VPN, I add a route for that IP range to the routing table, with my VPN's gateway as its gateway. First, to find the VPN interface identifier:
            route print 123
(the 123 is only there so that the command does not show a bunch of useless routing info)
   
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...xx xx xx xx xx xx ...... National Semiconductor DP83815-Based PCI Fast Ethernet Adapter - Packet Scheduler Miniport
0x80004 ...xx xx xx xx xx xx ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Default Gateway: 192.168.1.1
None
Persistent Routes:
None
My VPN interface identifier ("WAN (PPP/SLIP) Interface" - if you have two it will probably be the one at the bottom) is "0x80004" (beware it changes every time you connect)... So:
                        route add 193.136.0.0 mask 255.254.0.0 192.168.1.1 if 0x80004 metric 1
(replace "193.136.0.0 mask 255.254.0.0" with the range you wish to access using the VPN).
And you get inside access to all your resources... Cool, huh ;)
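
The lookup and command from Part 2 as a small script, added here as an example and not part of the original post: it picks the "WAN (PPP/SLIP) Interface" identifier out of `route print` output (it changes on every connect) and checks that the destination is aligned to the mask before building the `route add` line. The function names are this example's own, and the embedded sample is the interface list copied from the listing above.

```python
import ipaddress
import re

# Constructed sample: the interface list from the `route print` output above.
SAMPLE_ROUTE_PRINT = """\
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...xx xx xx xx xx xx ...... National Semiconductor DP83815-Based PCI Fast Ethernet Adapter - Packet Scheduler Miniport
0x80004 ...xx xx xx xx xx xx ...... WAN (PPP/SLIP) Interface
===========================================================================
"""

# Line shape: "<hex id> ...<MAC or dots> ...... <adapter name>"
IFACE_LINE = re.compile(r"^(0x[0-9a-fA-F]+)\s+\..*?\.\s+(\S.*)$")


def find_interface(route_print_text, name="WAN (PPP/SLIP) Interface"):
    """Return the id of the last listed interface with the given name."""
    found = None
    for line in route_print_text.splitlines():
        m = IFACE_LINE.match(line.strip())
        if m and m.group(2) == name:
            found = m.group(1)  # with two matches, keep the one at the bottom
    if found is None:
        raise LookupError(f"no interface named {name!r}; is the VPN connected?")
    return found


def build_route_add(destination, mask, gateway, if_id, metric=1):
    """Return (command, first address, last address) for one route."""
    # strict=True raises ValueError if the destination has bits set outside
    # the mask, i.e. it is not the first address of the block.
    net = ipaddress.ip_network(f"{destination}/{mask}", strict=True)
    gw = ipaddress.ip_address(gateway)  # rejects a malformed gateway address
    cmd = (f"route add {net.network_address} mask {net.netmask} "
           f"{gw} if {if_id} metric {metric}")
    return cmd, str(net.network_address), str(net.broadcast_address)


if __name__ == "__main__":
    if_id = find_interface(SAMPLE_ROUTE_PRINT)
    cmd, first, last = build_route_add(
        "193.136.0.0", "255.254.0.0", "192.168.1.1", if_id)
    print(cmd)
    print(f"routed through the VPN: {first} - {last}")
```

Everything outside the printed range keeps using the local default gateway, so the second line is a quick check of exactly which addresses will travel through the tunnel.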