windows pptp vpn client *do not* use default gateway on remote network

The settings you're looking to change are client-side only, unfortunately. Unlike, say, OpenVPN, where you "push" configuration information from the VPN server to the client, in the Microsoft VPN client the "Use default gateway on remote network" option is set client-side only.

The Connection Manager Administation Kit (CMAK) will let you build an EXE that can be run on clients to setup the VPN connection with all the parameters you want.

Some frustration may come from the unfortunate method by which the client receives a route to the remote network. When the "Use default gateway on remote network" option is disabled, the client receives a route to the remote network based on the "classful" IP address of the VPN server (this changes in Windows 7, but I don't have details of the change handy). If you're just doing a VPN into a little "/24" network numbered "192.168.x.x", then this will work out fine.

If you have a more complex topology, though, this will give you fits. The CMAK is supposed to give you a way to run a script on the client after the VPN comes up, and to modify the client's routing table, but I've never actually gotten that functionality to work on Windows XP SP2-based client computers. I'd love to hear from somebody who has.


AFAIK, the connection has to have a gateway, or else there's no way it can send traffic over that interface to anything except the VPN server at the other end.

Also AFAIK there's no way around this except to manually disable the connection (even a PowerShell script won't be any good, even if it has the functionality there's too many unknown variables in locating the connection).

Worth noting that without this open, name resolution won't work either unless your local DNS has the VPN IP's in it.

I feel your pain though.