Help modifying Windows route table/VPN

[jaclaz]

Question 1: AFAIK the request is made but is not resolved

Question 2: Yes the 10.238.x.x is the VPN network

From what I understand, your computer asks for a DHCP and in your first posted table you get:

0.0.0.0          0.0.0.0       10.204.0.1     10.204.1.182     20

i.e. it gets IP 10.204.1.182 and gateway 10.204.0.1, these are your local lan addressses, and all traffic (0.0.0.0) is routed through them.

In second table you have deleted the first (and only) 0.0.0.0 route and not yet added the second (VPN) one, so it should not connect to anything for most addresses.

The idea of routing should be that the computer asks for an address, looks in the routing table and goes through the interface and gateway that matches the requested address, I believe that if you try pinging,  you will get an error "Destination Host Unreachable", which means that it tried to connect to that address but found no way (interface and gateway or "next hop") to reach it.

Since you add 219.100.37.86 mask 255.255.255.255 10.204.0.1, traffic to 219.100.37.86 will be routed to your lan gateway.

Third table:

0.0.0.0          0.0.0.0   10.238.254.254    10.238.118.29     20

your VPN *somehow* creates a new instance and asks for a DHCP, it gets 10.238.118.29 and gateway 10.238.254.254, and all traffic is routed to them, the VPN *somehow* routes requests to its gateway 10.238.254.254 to the "real" lan gateway of 10.204.0.1 .

When you print the routing table it is essentially shown inverted, the 0.0.0.0 entry (which is normally at the top of the shown routes) is the last one used, it is a sort of "catch all" that gets used if the required address is not caught earlier by any other (narrower) entry.

But what happens when the fourth table is in use (with two routes 0.0.0.0 with the same metric):

0.0.0.0          0.0.0.0   10.238.254.254    10.238.118.29     20
0.0.0.0          0.0.0.0       10.204.0.1      10.204.4.59     20

is to be seen, the OS should prefer the "faster" interface, but cannot say what happens in this case, very likely the "real" lan interface is prevalent on the VPN one.

jaclaz

[ray5450]

On 5/26/2023 at 5:47 AM, jaclaz said:

But what happens when the fourth table is in use (with two routes 0.0.0.0 with the same metric):

0.0.0.0          0.0.0.0   10.238.254.254    10.238.118.29     20
0.0.0.0          0.0.0.0       10.204.0.1      10.204.4.59     20

is to be seen, the OS should prefer the "faster" interface, but cannot say what happens in this case, very likely the "real" lan interface is prevalent on the VPN one.

 

What happens is, that when VPN is turned off, the first line is removed, and the 2nd line is used and thus connects direct to ISP.

 

  

On 5/9/2023 at 5:11 AM, jaclaz said:

What you can do is:
1) disable DHCP and manually set the IP address, net mask and gateway (so-called static IP addressing[1]) <- in your case you don't need to enter the gateway address at all, or enter it to test and then delete it from the interface

When changing the option to enter an address (in network properties), it also opens and requires the option for DNS address.  Are all these addresses found in the route tables I posted?  If so, which ones?  Thanks.

 

 

 

 

 

[jaclaz]

If you need to provide a DNS server address (shouldn't be mandatory, but possibly that depends on the os), they are (often/usually) provided by your ISP, there are a number of free ones (available to everyone) here is a list:

https://www.lifewire.com/free-and-public-dns-servers-2626062

Or you can manually enter the DNS that is now provided by your DHCP, open a command prompt and run ipconfig /all to see all the settings you have currently.

jaclaz

 

Edited May 27, 2023 by jaclaz

[ray5450]

Okay, I changed the ethernet IPV 4 settings to match the ethernet ipconfig results, and I'll try it.

[ray5450]

After some time of testing this, I can say that it works.  Manual entry of settings for IPV 4 settings/properties, leaving blank the default gateway prevents the reconnect...until,  I re-enter the default gateway.  However, sometimes I need to set it back to getting it automatically and then it will connect, but I would think that is because it expires, like you said.

All is good!

Thank-you, so much for your help.