In Windows 10 how do you ensure all traffic goes through VPN?

28

18

What is the easiest way to ensure all traffic goes through the VPN in Windows 10? Are there any built in ways? I'm basically looking for an internet kill switch in the case the VPN fails.

I read that sometimes the OS gets confused and for some random reason just doesn't use the VPN when sending traffic. Is this actually a valid concern?

Celeritas

Posted 2016-01-04T03:30:46.710

Reputation: 7 487

Set up the VPN to do that, then connect to it – Ramhound – 2016-01-04T03:32:17.423

@Ramhound the VPN manager I use has a kill switch, but it's buggy, especially if multiple network interfaces are present. – Celeritas – 2016-01-04T03:35:07.580

When I indicate, "setup the VPN", I mean configure the VPN not to leak your personal information. A properly encrypted VPN will automatically connect you to the virtual private network, and all traffic will go through that network, nothing special has to be done once that is done. – Ramhound – 2016-01-04T04:42:29.453

I would assume because of the apparent lack of research on the topic – Ramhound – 2016-01-08T11:46:36.497

Answers

16

Note:

Be sure you have only one network adapter enabled. For example, if you are using Ethernet, be sure wireless is disabled. If using wireless, be sure no Ethernet cable is connected, or disable the adapter in Network and Sharing Center > Change adapter settings.

Open a command prompt and run the command:

netstat /r

Note the Interface IP address on the 0.0.0.0 line in the "Active Routes" section; let's just say it is 192.168.0.1.

Connect to your VPN

Do another netstat /r

You will see a new IP route for the VPN (the second 0.0.0.0 line); note the Interface IP of that new route.

Now kill the original non-VPN route with this command:

route delete 0.0.0.0 192.168.0.1

Then do another netstat /r

You will only see your VPN route now, and if your VPN line drops, you lose that route, so there are no more 0.0.0.0 routes and your external connection will be immediately cut off. If you want to access the internet, you'll need to add the original route back with this command:

route add 0.0.0.0 mask 0.0.0.0 192.168.0.1 IF 8

The "IF 8" means "interface 8". The number 8 may be different on your computer; look at the output of netstat -r to get the correct number of your interface in the Interface List.

All that being said, I would disable IPv6; I have done this and had no issues after doing so.

Disable IPv6 command:

netsh interface teredo set state disabled

Enable IPv6 command:

netsh interface teredo set state default

Moab

Posted 2016-01-04T03:30:46.710

Reputation: 54 203
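As a check on the procedure in the answer above, the following added example (not part of the original post) parses `netstat -r` output and lists every active default route that is not on the VPN interface. It goes beyond the answer's IPv4 case by also covering the IPv6 `::/0` route; the sample output, the addresses in it and the function names are constructed for illustration.

```python
import re

# Constructed sample of Windows `netstat -r` output: VPN up, original route not yet deleted.
SAMPLE = """\
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.100     25
          0.0.0.0          0.0.0.0         On-link          10.8.0.6     26
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8    281 ::/0                     fe80::1
  1    331 ::1/128                  On-link
===========================================================================
Persistent Routes:
  None
"""

def default_routes(text):
    """Return (family, gateway, interface) for every active default route."""
    routes, family, active = [], None, False
    for line in text.splitlines():
        if m := re.match(r"(IPv[46]) Route Table", line):
            family, active = m.group(1), False
        elif line.startswith("Active Routes:"):
            active = True
        elif line.startswith(("=", "Persistent Routes:")):
            active = False   # separator or persistent section ends the active table
        elif active:
            f = line.split()
            if family == "IPv4" and len(f) == 5 and f[:2] == ["0.0.0.0", "0.0.0.0"]:
                routes.append(("IPv4", f[2], f[3]))   # Interface column is an IP address
            elif family == "IPv6" and len(f) == 4 and f[2] == "::/0":
                routes.append(("IPv6", f[3], f[0]))   # If column is an interface index
    return routes

def non_vpn_defaults(text, vpn_interfaces):
    """Default routes whose interface is not the VPN's (IPv4 address or IPv6 index)."""
    return [r for r in default_routes(text) if r[2] not in vpn_interfaces]
```

On a real machine, pass the captured text of `netstat -r` together with the VPN adapter's IPv4 address and interface index; an empty result means no default route bypasses the VPN.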

"Be sure you have only one network adapter enabled," what about the virtual adapters, such as those used by VMware? – Celeritas – 2016-01-04T08:59:05.443

See answer above by dxiv – Moab – 2016-01-04T19:05:41.050

After doing the route delete command I got the error The route deletion failed: Element not found. – Celeritas – 2016-01-12T08:01:14.430

You did something wrong. – Moab – 2016-01-12T15:50:27.803

@Moab Use gateway IP instead of destination IP – Ankit_Shah55 – 2017-01-26T07:34:44.490

@Moab What if I do not disable IPv6? – Anindit Karmakar – 2017-04-26T03:40:33.637

@AninditKarmakar then you do not ensure all traffic goes through the VPN. – Moab – 2017-06-17T16:16:09.570

12

These are 2 questions rolled into one.

> I'm basically looking for a internet kill switch in the case VPN fails

@Moab's answer settles this question nicely.

> What is the easiest way to ensure all traffic goes through the VPN in Windows 10?
> Is there any built in ways?

This is a different question. Note that "all traffic goes through the VPN" has an implied "as long as the VPN connection is up". The built-in way to route Internet traffic over VPN will transparently fall back to the local Internet connection if the VPN gets disconnected for whatever reason.

That said, the following steps should answer the 2nd question:

  • right click the Start button, select Network Connections
  • click the VPN connection you want to use, right-click, select Properties
  • click the Networking tab, select IPv4 from the list, click Properties
  • click Advanced, make sure "Use default gateway on remote network" is checked
  • repeat previous step for IPv6 if applicable

dxiv

Posted 2016-01-04T03:30:46.710

Reputation: 1 784

I couldn't see "Use default gateway on remote network" after clicking Advanced, but under the label "default gateways", the list was blank. – Celeritas – 2016-01-12T08:04:52.723

There is no label "default gateways" that I can find in the steps listed above. Either you ended up in the wrong place, or maybe you are using some 3rd party VPN other than the Windows built-in one, in which case that should have been the very first thing to point in your question. – dxiv – 2016-01-12T08:16:30.557

I didn't know Windows 10 had a built in one – Celeritas – 2016-01-12T08:41:29.833

@Celeritas Windows has had a built-in VPN client for(virtually)ever. If you are not using it, but instead some other 3rd party alternative then both my answer and Moab's have been a waste of time. Please provide the full context when you ask a question next time. – dxiv – 2016-01-12T08:48:29.697

If Windows comes with a VPN then why does virtually everyone who uses VPN use a 3rd party alternative? – Celeritas – 2016-01-12T09:33:04.513

@Celeritas This is a false premise! Sometimes enterprises choose to use something other than the built-in VPN for various business reasons, but the built-in VPN is widely used. – Greg Lyon – 2016-05-05T14:57:47.510

@Celeritas - I use a third party client because I couldn't figure out how to configure the Windows VPN with the certificates and stuff – Chris Dutrow – 2017-09-07T19:17:03.793

0

If you need to make sure that all the traffic goes through a single IP or pool known to you, you may adjust the firewall, blocking all other addresses and leaving that single IP. Say you need to use 10.10.10.10 only; then you should block everything from 0.0.0.0 to 10.10.10.9 and from 10.10.10.11 to 255.255.255.255.

Anton

Posted 2016-01-04T03:30:46.710

Reputation: 1