Community discussions

MikroTik App
  4. RouterOS
  5. General

split tunnel in vpn remote access

Post Reply
 
mo30
just joined
Topic Author
Posts: 1
Joined: Sun Aug 27, 2017 1:52 pm

split tunnel in vpn remote access

Sun Aug 27, 2017 2:19 pm

hi
we have vpn remote access l2tp from internet for connect to office
we need when user connect to office white vpn from internet they have internet and office network same time.
how can do it in mikrotik
device that user vpn connect mobile pc windows and android
Top
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7053
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:
Contact mrz

Re: split tunnel in vpn remote access

Thu Sep 07, 2017 12:46 pm

L2TP does not support split tunnels. I would suggest to use either ike2 or ike1 + modeconf or OVPN to push routes.
Top
 
idlemind
Forum Guru
Forum Guru
Posts: 1146
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: split tunnel in vpn remote access

Fri Sep 08, 2017 12:19 am

If your users are on Windows 10 you can use the new PowerShell command-lets for VPN management to get some of this in place.

Something like this could be used to edit the VPN connection named MyFluffyBunny and to add a route for 10.0.0.0/8 that only is made active when the VPN (managed by the OS):
Code: Select all
Get-VpnConnection | Where-Object -Property Name -EQ "MyFluffyBunny" | Set-VpnConnection -SplitTunneling $true
Get-VpnConnection | Where-Object -Property Name -EQ "MyFluffyBunny" | Add-VpnConnectionRoute -DestionationPrefix 10.0.0.0/8
Top
 
User avatar
NTheZone
just joined
Posts: 22
Joined: Fri Jun 19, 2020 8:47 pm

Re: split tunnel in vpn remote access

Fri Aug 21, 2020 10:22 pm

Minor typo in your -DestionationPrefix, and corrected below. Otherwise, BRILLIANT! It works great. It's possible home users will have a network/subnet: 192.168.88.0/24 (instead of 10.0.0.0/8)

If your users are on Windows 10 you can use the new PowerShell command-lets for VPN management to get some of this in place.

Something like this could be used to edit the VPN connection named MyFluffyBunny and to add a route for 10.0.0.0/8 that only is made active when the VPN (managed by the OS):
Code: Select all
Get-VpnConnection | Where-Object -Property Name -EQ "MyFluffyBunny" | Set-VpnConnection -SplitTunneling $true
Get-VpnConnection | Where-Object -Property Name -EQ "MyFluffyBunny" | Add-VpnConnectionRoute -DestinationPrefix 192.168.88.0/24
Top
 
almdandi
Frequent Visitor
Frequent Visitor
Posts: 72
Joined: Sun May 03, 2015 5:22 pm

Re: split tunnel in vpn remote access

Tue Aug 25, 2020 6:28 pm

Or just
Code: Select all
Set-VpnConnection -ConnectionName "MyFluffyBunny" -SplitTunneling $true
Add-VpnConnectionRoute -ConnectionName "MyFluffyBunny" -DestinationPrefix "193.110.29.0/27"
Top
 
lukman2705
just joined
Posts: 1
Joined: Wed Dec 01, 2021 8:12 am

Re: split tunnel in vpn remote access

Wed Dec 01, 2021 8:14 am

Hi, is there any ways to configuring split tunneling on mobile phone like android and iphone using vpn in Mikrotik (like ovpn) and how is the configuration for the push route?
Thank you
Top
Post Reply

Who is online

Users browsing this forum: 5h4k4, Dulcow, Experimentator, ichyre and 54 guests
  4. RouterOS
  5. General