D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: tylan on June 08, 2009, 05:36:44 PM
-
I have a DFL-210 w/ a PPTP Server configured on it. I'm using the Windows XP native VPN Client. The connection works perfectly. However, I want to be able to browse the internet when connected to the PPTP VPN from a remote XP machine. I believe that this is normally called split tunneling, however I can't find any way of doing it or FAQ that explains it for the 210. When I call support they seem baffled by my request. I saw a FAQ that applied to the DFL-200/700/1100 that gave instructions, but they didn't quite match up with the DFL-210. I also saw a link to an MS article that had you removing the default gateway on the VPN connection... but that seems like a hokey workaround.
What's the best way to accomplish this?
-
The FAQ (http://support.dlink.com/faq/view.asp?prod_id=2501) that I believe you are referencing shows you how to make a policy allowing that Wan destined traffic to pass through the DFL-200/700/1100, it is not true split tunneling as the traffic is being "proxied" through the firewall. To do the same with a DFL-210 simply add an IP Rule like the below.
Action: NAT
Service: all-services
Source Interface: PPTP
Source Network: PPTP-Pool
Destination Interface: WAN
Destination Network: All-Nets
For real split tunnelling you will need to play with the routing on your client machine which is less than fun, the Microsoft solution is fair.
-
Which method would you recommend?
-
I set up the IP Rule I gave you pretty universally.
-
When I tried that that was for the dfl-200 I missed that it was a NAT rule, not an allow. I'll give it a try soon. Thanks.
-
That worked perfectly for me.
After connecting to http://www.dslreports.com/whois through my VPN connection it was clear that my HTTP requests being made from the WAN port of the DFL.
Thank you