Share this question

Welcome to Teachnovice Q&A, where you can ask questions and receive answers from other members of the community.

This is a collaboratively edited question and answer site for computer enthusiasts and power users. It's 100% free, no registration required.

Juniper VPN forces my traffic via the corporate proxy - can it be undone?

0 like 0 dislike
2,338 views

When connected to the corporate VPN from home, all the traffic is redirected to go via the corporate proxy, effectively blocking sites that I want to use freely when I am at home, and slowing down access to external sites. How can I undo this situation?

I am asking the same question as here Avoid corporate blocked URL's when on Cisco VPN, with the exception that my VPN client is Juniper and the OS is windows7. Non of the answers there worked for me: - Juniper client doesn't have the "Use default gateway on remote network" configuration - I wasn't able to find the setting on win7's control pannel (I could find the connection, than IpV4 => properties => advanced => Ip Settings , but nothing there similar to "Use default gateway on remote network"

Interestingly enough the very same vpn client does not force the traffic via the corporate proxy on another computer of mine which runs WinXP

asked Apr 18, 2013 by anonymous  

2 Answers

0 like 0 dislike

Probably. Not enough information to give a comprehensive specific answer.

Routes are added and removed as interfaces (physical or logical) are activated and deactivated. The interface activate action adds routes, and more recently added routes are (generally) used in preference. What probably happens when you login to the VPN is a new logical network interface is created/activated, and the routing table is updated to use it by default. Assuming the Juniper client creates a tunnel interface, and does not also add a local host-firewall (and that you are not violating corporate policy -- it's possible that this is intentional), you should be able to

  • replace the default route (setting it back to your home router via ethernet/wifi interface),
  • add specific routes to the corporate network via the tunnel interface.

The MSKB 140859 in the question you link to provides much of the theory, but not so much of the practise.

If you understand the theory, running netsh interface show interface and route printbefore and after connecting should be useful.

answered Apr 18, 2013 by anonymous  
0 like 0 dislike
Probably not.

If this was possible you would basically link the corporate network with the public Internet which is something your administrators will try to avoid. Usually it is possible to configure the VPN solution to do what you want but it's not something the client can decide; it's set up by the administrators.
answered Apr 18, 2013 by anonymous  
...