Basic VPN routing question, please - urgent

Just browsing

Hi there


I have at work: Virgin Media Hitron modem/router -> MX64 -> MR32


I want to set up the VPN for all my staff -

  1. I want their normal web traffic to go direct to web - I don't want Spotify, etc, coming via work!  (So I just disable "use default gateway ..." on their VPN connection, cool)
  2. I want all my staff who are working remotely to be able to access file shares on an internal server. - STUCK
  3. I want ports 21, 22, 3022 to go via the VPN every time from the client PC. - STUCK


I've got the VPN up and running but stuck on points 2 and 3.  Can someone help, please?


Main LAN is subnet   MX IP is  Using Google DNS.

Client VPN is subnet  Using Google DNS.


Server IP is  Subnet mask  Default gateway


When I connect to VPN from home, I am given IP  Subnet mask  No default gateway.


When I ping from home, I'm getting Request timed out.  I'm assuming once I can ping and have routing sorted, I'll then be able to map via IP.


And then also to sort item 3.


Thanks for any help in advance.  I may sound like I know what I'm doing, but I don't too much, so any simple help would be appreciated.



Kind of a big deal

Check out @Nash VPN scripts for split tunnelling. 


You can do any kind of routing via ports with the Windows client VPN.  Windows doesn't support that.

Kind of a big deal



Have you considered using a Cloud based file store for files you wish to share and synchronise? We have been using OneDrive, it comes with the Office365 subscription for some time and we find it most effective, and resilient. In fact we have been using Cloud-based software and services for decades, all around the world. It is extremely cost effective, and flexible, particularly when staff are on the road.

Encryption is not an issue - 



Robin St.Clair | Principal, Caithness Analytics | @uberseehandel

For issue #2 -  Run Wireshark on the server to see if the ICMP packets are even making it there.  If it is a Windows server, it is possible that the firewall is blocking something.  Check the routing table on the remote client machine to ensure that the proper route is added with a lower metric for the internal network.


For #3, I do not believe there is a way to configure port based routing via the VPN client.  The traffic will take the chosen path based solely on the routing table. 


HTH, but let me know if you need more clarification on anything.  Thanks!
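The routing-table check suggested in the reply above, as an added example that is not part of the original posts: a PowerShell sketch for the remote Windows client that keeps split tunnelling on, adds a route for the office LAN to the VPN connection, and then tests the file-share port. The connection name and every address are placeholders, since the thread does not show the real ones; the per-host route for item 3 is an assumption that follows from routing being destination-based.

```powershell
# Added example. Names and addresses are placeholders (assumptions), not values
# from the thread. Replace them with the real connection name and subnets.
$VpnName    = 'Work VPN'         # hypothetical Windows VPN connection name
$LanPrefix  = '192.0.2.0/24'     # placeholder: main LAN subnet behind the MX
$ServerIp   = '192.0.2.10'       # placeholder: internal file server
$HostRoutes = @('198.51.100.20/32')  # placeholder: hosts reached on 21/22/3022

# 1. Keep web traffic off the tunnel: split tunnelling is the PowerShell
#    equivalent of unticking "use default gateway on remote network".
#    (Add -AllUserConnection to these cmdlets if the VPN is an all-user one.)
$vpn = Get-VpnConnection -Name $VpnName
if (-not $vpn.SplitTunneling) {
    Set-VpnConnection -Name $VpnName -SplitTunneling $true
}

# 2. With no default gateway on the tunnel, Windows needs an explicit route
#    to the office LAN. Routes stored on the connection are added each time
#    it connects. Skip prefixes that are already registered.
$existing = @($vpn.Routes | ForEach-Object { $_.DestinationPrefix })
foreach ($prefix in @($LanPrefix) + $HostRoutes) {
    # Routes match on destination, not port, so item 3 can only be
    # approximated with a route per destination host (assumption).
    if ($existing -notcontains $prefix) {
        Add-VpnConnectionRoute -ConnectionName $VpnName -DestinationPrefix $prefix
    }
}

# 3. Reconnect the VPN, then confirm the LAN route exists and which
#    interface and metric it uses.
Get-NetRoute -DestinationPrefix $LanPrefix -ErrorAction SilentlyContinue |
    Sort-Object RouteMetric |
    Select-Object InterfaceAlias, DestinationPrefix, NextHop, RouteMetric

# 4. Test the SMB port rather than relying on ping, which the server's
#    firewall may drop even when routing is correct.
$result = Test-NetConnection -ComputerName $ServerIp -Port 445
if ($result.TcpTestSucceeded) {
    "Route OK: $ServerIp reachable on TCP 445 via $($result.InterfaceAlias)"
} else {
    "TCP 445 to $ServerIp failed: check the route above and the server firewall"
}
```

If step 3 shows the route but step 4 still fails, the capture on the server described in the reply above tells you whether the packets arrive at all.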
