Community discussions

MikroTik App
 
oliee0
just joined
Topic Author
Posts: 8
Joined: Tue May 10, 2022 11:57 pm

L2TP - how to separate LAN/internet traffic

Wed Dec 07, 2022 11:33 pm

Hello,
I'm using L2TP/IPsec VPN on RB5009. Can I set it so that there is only LAN access and the internet traffic works on the client side? Like OpenVPN, only access to LAN/subnets but internet connection is going through clien-side router. If it is possible how to configure it?
I have many VPN users - 15-20 clients works at the same time and all traffic goes through the VPN, together when YT is playing etc., it's heavy load for network.
OpenVPN is best for it but transfer speed is a half vs L2TP.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: L2TP - how to separate LAN/internet traffic

Thu Dec 08, 2022 12:06 am

It's client-side option. E.g. if you have Windows, they for some strange reason (opinions about that may differ) assume that user wants to route everything over VPN. If you don't, you have to disable it, e.g. using PowerShell (unless you have some outdated Windows):
Set-VpnConnection -Name "connection name" -SplitTunneling $true
But then you may have problem with routes to subnets that you do want routed over VPN (depends on what exactly you have). In that case, look at Add-VpnConnectionRoute.

Who is online

Users browsing this forum: Google [Bot], Netstumble and 46 guests