Hello everyone
There's a machine with some service running on it(ex. file/web server) which is accessible across whole LAN via address:port. But when User starts a vpnclient session then physical connection(ethernet or wifi) becomes marked as "Unidentified" and can't be changed and services are no longer accessible by anyone.
Tried playing with interface metrics, but the only two states are:
either whole traffic goes through vpn tunnel(which is good) and local service not accessible LAN-wise
or
vpn tunnel active with traffic not going through it(which is bad) and local service accessible LAN-wise
So the main idea/question is: Is it possible for windows machine to have local shares/services not being isolated from LAN while whole traffic goes through tunnel? Same config works on official Linux client and 3rd party android client. Am I missing something or is there some limitations?
Thanks
[Windows] VPNClient becomes isolated from LAN
-
solo
- Posts: 1744
- Joined: Sun Feb 14, 2021 10:31 am
Re: [Windows] VPNClient becomes isolated from LAN
Disable TunnelCrack protection.
-
Elezorn
- Posts: 7
- Joined: Sat Apr 12, 2025 9:57 am
Re: [Windows] VPNClient becomes isolated from LAN
Toggling TunnelCrack protection as well as "Windows network optimization"/recreating vpn adapter/running as user or admin doesn't change anything. Tried on two versions on VPN Client:
W10 19045.6456
VPN Adapter 4.25.9658
SE Client 4.43 Build 9799
SE Client 4.44 Build 9807
-
solo
- Posts: 1744
- Joined: Sun Feb 14, 2021 10:31 am
Re: [Windows] VPNClient becomes isolated from LAN
Please start a VPN on the client and post as code the output of:
Code: Select all
netstat -r
ping LAN-gateway-IP-
Elezorn
- Posts: 7
- Joined: Sat Apr 12, 2025 9:57 am
Re: [Windows] VPNClient becomes isolated from LAN
Ping to local gatewaysolo wrote: ↑Sun Nov 16, 2025 1:16 pmPlease start a VPN on the client and post as code the output of:Code: Select all
netstat -r ping LAN-gateway-IP
Code: Select all
C:\Users\ELEZO>ping 192.168.1.1
Обмен пакетами с 192.168.1.1 по с 32 байтами данных:
Ответ от 192.168.1.1: число байт=32 время=3мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Статистика Ping для 192.168.1.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 2мсек, Максимальное = 3 мсек, Среднее = 2 мсек
Code: Select all
C:\Users\ELEZO>ping 192.168.100.1
Обмен пакетами с 192.168.100.1 по с 32 байтами данных:
Ответ от 192.168.100.1: число байт=32 время=59мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Статистика Ping для 192.168.100.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 56мсек, Максимальное = 59 мсек, Среднее = 56 мсекCode: Select all
C:\Users\ELEZO>netstat -r
===========================================================================
Список интерфейсов
9...00 ff 0e c2 f5 5d ......TAP-Windows Adapter V9 for OpenVPN Connect
64...b8 88 e3 74 a1 b6 ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
73...........................OpenVPN Data Channel Offload
26...ae e0 10 dd 27 c9 ......Microsoft Wi-Fi Direct Virtual Adapter #5
17...ae e0 10 dd 2f c9 ......Microsoft Wi-Fi Direct Virtual Adapter #6
10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
29...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
48...5e 07 fa c5 19 63 ......VPN Client Adapter - VPN
18...ac e0 10 dd 27 c9 ......Dell Wireless 1820A 802.11ac #2
49...ac e0 10 dd 27 ca ......Bluetooth Device (Personal Area Network) #4
1...........................Software Loopback Interface 1
24...b0 83 85 57 55 5a ......Sierra Wireless Mobile Broadband Network Adapter
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.16 35
1.1.1.1 255.255.255.255 192.168.1.1 192.168.1.69 35
WAN.IP.THRU.VPN 255.255.255.255 192.168.1.1 192.168.1.69 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
130.158.6.69 255.255.255.255 192.168.1.1 192.168.1.69 35
130.158.6.126 255.255.255.255 192.168.1.1 192.168.1.69 35
192.168.1.0 255.255.255.0 On-link 192.168.1.69 291
192.168.1.69 255.255.255.255 On-link 192.168.1.69 291
192.168.1.255 255.255.255.255 On-link 192.168.1.69 291
192.168.19.0 255.255.255.0 On-link 192.168.19.1 291
192.168.19.1 255.255.255.255 On-link 192.168.19.1 291
192.168.19.255 255.255.255.255 On-link 192.168.19.1 291
192.168.100.0 255.255.255.0 On-link 192.168.100.16 291
192.168.100.16 255.255.255.255 On-link 192.168.100.16 291
192.168.100.255 255.255.255.255 On-link 192.168.100.16 291
192.168.145.0 255.255.255.0 On-link 192.168.145.1 291
192.168.145.1 255.255.255.255 On-link 192.168.145.1 291
192.168.145.255 255.255.255.255 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.100.16 291
224.0.0.0 240.0.0.0 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 192.168.19.1 291
224.0.0.0 240.0.0.0 On-link 192.168.1.69 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.100.16 291
255.255.255.255 255.255.255.255 On-link 192.168.145.1 291
255.255.255.255 255.255.255.255 On-link 192.168.19.1 291
255.255.255.255 255.255.255.255 On-link 192.168.1.69 291
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
0.0.0.0 0.0.0.0 10.106.90.18 1
===========================================================================
IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 331 ::1/128 On-link
10 291 fe80::/64 On-link
29 291 fe80::/64 On-link
10 291 fe80::59aa:9ce5:34c2:b635/128
On-link
29 291 fe80::9d9a:a7cb:3919:fcc4/128
On-link
1 331 ff00::/8 On-link
10 291 ff00::/8 On-link
29 291 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
Отсутствует
-
Elezorn
- Posts: 7
- Joined: Sat Apr 12, 2025 9:57 am
Re: [Windows] VPNClient becomes isolated from LAN
netstatsolo wrote: ↑Sun Nov 16, 2025 1:16 pmPlease start a VPN on the client and post as code the output of:Code: Select all
netstat -r ping LAN-gateway-IP
Code: Select all
C:\Users\ELEZO>netstat -r
===========================================================================
Список интерфейсов
9...00 ff 0e c2 f5 5d ......TAP-Windows Adapter V9 for OpenVPN Connect
64...b8 88 e3 74 a1 b6 ......Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
73...........................OpenVPN Data Channel Offload
26...ae e0 10 dd 27 c9 ......Microsoft Wi-Fi Direct Virtual Adapter #5
17...ae e0 10 dd 2f c9 ......Microsoft Wi-Fi Direct Virtual Adapter #6
10...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
29...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
48...5e 07 fa c5 19 63 ......VPN Client Adapter - VPN
18...ac e0 10 dd 27 c9 ......Dell Wireless 1820A 802.11ac #2
49...ac e0 10 dd 27 ca ......Bluetooth Device (Personal Area Network) #4
1...........................Software Loopback Interface 1
24...b0 83 85 57 55 5a ......Sierra Wireless Mobile Broadband Network Adapter
===========================================================================
IPv4 таблица маршрута
===========================================================================
Активные маршруты:
Сетевой адрес Маска сети Адрес шлюза Интерфейс Метрика
0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.16 35
1.1.1.1 255.255.255.255 192.168.1.1 192.168.1.69 35
WAN.IP.THRU.VPN 255.255.255.255 192.168.1.1 192.168.1.69 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
130.158.6.69 255.255.255.255 192.168.1.1 192.168.1.69 35
130.158.6.126 255.255.255.255 192.168.1.1 192.168.1.69 35
192.168.1.0 255.255.255.0 On-link 192.168.1.69 291
192.168.1.69 255.255.255.255 On-link 192.168.1.69 291
192.168.1.255 255.255.255.255 On-link 192.168.1.69 291
192.168.19.0 255.255.255.0 On-link 192.168.19.1 291
192.168.19.1 255.255.255.255 On-link 192.168.19.1 291
192.168.19.255 255.255.255.255 On-link 192.168.19.1 291
192.168.100.0 255.255.255.0 On-link 192.168.100.16 291
192.168.100.16 255.255.255.255 On-link 192.168.100.16 291
192.168.100.255 255.255.255.255 On-link 192.168.100.16 291
192.168.145.0 255.255.255.0 On-link 192.168.145.1 291
192.168.145.1 255.255.255.255 On-link 192.168.145.1 291
192.168.145.255 255.255.255.255 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.100.16 291
224.0.0.0 240.0.0.0 On-link 192.168.145.1 291
224.0.0.0 240.0.0.0 On-link 192.168.19.1 291
224.0.0.0 240.0.0.0 On-link 192.168.1.69 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.100.16 291
255.255.255.255 255.255.255.255 On-link 192.168.145.1 291
255.255.255.255 255.255.255.255 On-link 192.168.19.1 291
255.255.255.255 255.255.255.255 On-link 192.168.1.69 291
===========================================================================
Постоянные маршруты:
Сетевой адрес Маска Адрес шлюза Метрика
0.0.0.0 0.0.0.0 10.106.90.18 1
===========================================================================
IPv6 таблица маршрута
===========================================================================
Активные маршруты:
Метрика Сетевой адрес Шлюз
1 331 ::1/128 On-link
10 291 fe80::/64 On-link
29 291 fe80::/64 On-link
10 291 fe80::59aa:9ce5:34c2:b635/128
On-link
29 291 fe80::9d9a:a7cb:3919:fcc4/128
On-link
1 331 ff00::/8 On-link
10 291 ff00::/8 On-link
29 291 ff00::/8 On-link
===========================================================================
Постоянные маршруты:
ОтсутствуетCode: Select all
C:\Users\ELEZO>ping 192.168.100.1
Обмен пакетами с 192.168.100.1 по с 32 байтами данных:
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=57мс TTL=64
Ответ от 192.168.100.1: число байт=32 время=56мс TTL=64
Статистика Ping для 192.168.100.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 56мсек, Максимальное = 57 мсек, Среднее = 56 мсек
C:\Users\ELEZO>ping 192.168.1.1
Обмен пакетами с 192.168.1.1 по с 32 байтами данных:
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=2мс TTL=64
Ответ от 192.168.1.1: число байт=32 время=4мс TTL=64
Статистика Ping для 192.168.1.1:
Пакетов: отправлено = 4, получено = 4, потеряно = 0
(0% потерь)
Приблизительное время приема-передачи в мс:
Минимальное = 2мсек, Максимальное = 4 мсек, Среднее = 2 мсек-
solo
- Posts: 1744
- Joined: Sun Feb 14, 2021 10:31 am
Re: [Windows] VPNClient becomes isolated from LAN
Yes and it is not only possible but just works by default when TunnelCrack protection is off. We need more tests.
- on 192.168.1.69 PC with the web server (or such) disable the firewall (temporarily).
- on 192.168.1.x LAN client of the web server stop SSDP Discovery service.
- start the VPN on 192.168.1.69 and then from 192.168.1.x ping 192.168.1.69
?
-
will siggel
- Posts: 1
- Joined: Mon Nov 17, 2025 3:51 pm
Re: [Windows] VPNClient becomes isolated from LAN
the vpn disconnects my internet connection anytime i switch it on , but once i disconnect the vpn , the internet is restored .
what can i do?
what can i do?