Have you ever had to set up a VPN for your organisation and then constantly add routing rules to the client computers so they can access other internal subnets over the VPN? For example, I have a network in my house that is in the address range 192.168.1.x. From my home PC I want to VPN to work and access the following “work” subnets: 192.168.11.x, 192.168.12.x, 192.168.21.x and 192.168.22.x.
The easy one on this list is the first (192.168.11.x), as this is the subnet that the VPN server is connected to. The problem occurs when accessing the other subnets, such as 192.168.12.x. The quick way to reach these is to add a simple rule to the Windows routing table, something like “route add 192.168.12.0 mask 255.255.255.0 192.168.201.254 if 34”, with the appropriate values.
This is great for one-off access, but as soon as the VPN is disconnected these rules are lost, so every time the VPN is connected you have to re-add them. This really gets boring. On Vista this becomes a pain, as you have to elevate your command prompt to be able to do this. Also, the IF (interface index) value at the end of the command changes!
The answer to this problem is a little better in the long term. You can use the Microsoft Connection Manager Administrators Toolkit, which allows you to create a connection profile. A profile lets you define a set of routing rules that are generated and added to the routing table automatically when the VPN connects. Even better, the profile can obtain the file that generates the rules from a web server, so you can centralise the management of the rules and update them easily.
It’s a bit of a pain to get the profile generated correctly, and I’m still having some problems with it, namely that my new VPN is becoming the default gateway and all the traffic has to go through it! A way around this is to add a rule at the end of the previously mentioned file that gives the command “REMOVE_GATEWAYS”. This removes the VPN as the default gateway. The problem, though, is that the connection is setting my default gateway to have a high metric, so it’s never taking any traffic over it at all!
I’ll hopefully post again when I have this one sorted, but it appears that several people have had the same problem, so we will see how it works out!
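Because every client applies whatever route file the web server hands out, it is worth checking that file before publishing it. The following is an added example, not code from the original post or from Microsoft's tooling: a small Python check that each route stays inside the work subnets and reports whether the default gateway is being removed. The `ADD <dest> MASK <mask> <gateway> METRIC <metric> IF <interface>` line syntax, the sample file and the allowed-subnet policy are assumptions; the gateway keyword is accepted both in this post's spelling and in the singular.

```python
import ipaddress

# Constructed sample route file using the post's work subnets; the ADD
# syntax and both gateway-keyword spellings are assumptions.
SAMPLE = """\
ADD 192.168.12.0 MASK 255.255.255.0 default METRIC default IF default
ADD 192.168.21.0 MASK 255.255.255.0 default METRIC default IF default
ADD 192.168.22.0 MASK 255.255.255.0 default METRIC default IF default
ADD 0.0.0.0 MASK 0.0.0.0 default METRIC default IF default
ADD 192.168.12.7 MASK 255.255.255.0 default METRIC default IF default
REMOVE_GATEWAYS
"""

# Hypothetical policy: only the work subnets may be routed over the VPN.
ALLOWED = [ipaddress.ip_network(n) for n in
           ("192.168.11.0/24", "192.168.12.0/24",
            "192.168.21.0/24", "192.168.22.0/24")]


def lint_route_file(text, allowed=ALLOWED):
    """Return (routes, split_tunnel, problems) for a route file."""
    routes, problems, split_tunnel = [], [], False
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok:
            continue
        cmd = tok[0].upper()
        if cmd in ("REMOVE_GATEWAY", "REMOVE_GATEWAYS"):
            split_tunnel = True  # VPN will not become the default gateway
            continue
        if cmd not in ("ADD", "DELETE") or len(tok) < 4 or tok[2].upper() != "MASK":
            problems.append((no, "unrecognised line"))
            continue
        try:
            # strict parsing rejects destinations with host bits set
            net = ipaddress.ip_network(f"{tok[1]}/{tok[3]}")
        except ValueError:
            problems.append((no, "destination/mask is not a valid network"))
            continue
        if cmd == "DELETE":
            continue
        if any(net.subnet_of(a) for a in allowed):
            routes.append(net)
        else:
            problems.append((no, f"{net} is outside the allowed work subnets"))
    return routes, split_tunnel, problems
```

On the sample, line 4 is flagged because a 0.0.0.0/0 route would pull all client traffic over the VPN, and line 5 because its destination is a host address rather than a network.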