My Windows 10 journey continues. In Part 1, I worked through a few very minor hardware/driver issues. In Part 2, I addressed some styling issues with window titles. To this point, my issues have been largely cosmetic (well, maybe getting sound to play through my speakers was important!) but this next issue encountered was a bit more serious.
Since at least Windows XP, Windows has had a built in VPN client. This is useful for connecting to non-hardware specific VPN servers, such as Microsoft Routing and Remote Access. Continuing with the trend, Windows 10 also has a built in VPN client. As with previous versions of Windows, it can be configured in the same was as always. Go into the Network and Sharing Center, choose Set up a new connection or network, then choose Connect to a workplace and enter the relevant VPN information.
As anyone who has configured this type of VPN knows, there is typically one more non-intuitive step remaining. With the default configuration of the Windows VPN Client, all traffic is sent across the VPN, even traffic that doesn’t need to. For instance, if you need to contact the file server on the other side of the VPN, this needs to go across it. If you need to contact google.com, this doesn’t really need to go across it. Sending unnecessary traffic across the VPN typically has a pretty significant performance impact on your non-VPN traffic. Fortunately, a feature called “split tunneling” allows for this functionality to be disabled so only VPN traffic goes across the VPN and non-VPN traffic doesn’t. Seems pretty intuitive!
Typically, this change is made through the GUI, by entering the Network and Sharing Center and then clicking Change adapter settings and finally right clicking on the VPN connection and selecting Properties. From there, it is just a short hop over to the Networking tab to find the Internet Protocol Version 4 (TCP/IPv4) item and select Properties on it.
Now, what SHOULD happen is once you press the Properties button on the Internet Protocol Version 4 (TCP/IPv4) a new dialog window should open allowing you to press Advanced and then uncheck Use default gateway on remote network. That is what SHOULD happen. Unfortunately, what happens in the current release build of Windows 10 with all available updates applied is….nothing. Pressing the Properties button causes a brief flicker, but no new window ever opens. From what I’ve tried, there is nothing that can be done to get that window to open.
So, the above window will never open (until the bug is fixed…apparently this is a known issue and has been a known issue for some time). Fortunately, PowerShell can be used to change the properties of the connection without the GUI.
Create the connection like you normally would and then launch PowerShell. Now, use the following command to enable split tunneling for all user VPN connections:
get-vpnconnection -AllUserConnection | Set-VpnConnection -SplitTunneling $True
You’ve now successfully modified the VPN properties to use split tunneling (ie, do not use default gateway on remote network). As a quick test, you can connect to the VPN and perform a tracert to a VPN resource and a tracert to google.com. The first hops should be very different. This shows your internet traffic going out one way and your VPN traffic out the other. Hopefully Microsoft will fix the GUI in an upcoming update. It should be noted that you can select Properties on Internet Protocol TCP/IPv4 of other types of connections (such as Local Area Connections). This issue is specific to VPN connections.