How to add persistent route for 2 VPN connections when interface # varies?

windows interface vpn route split-tunneling

I need to configure split tunnelling with persistent routes for 2 VPN connections on the same computer as the user needs to connect to 2 different corporate servers at the same time. I have a problem though as the VPN interface # varies in some instances and thus the routes are not being used properly and consistently when the VPN connections are established.

Here are the routes I added:

route add -p 192.168.10.0 mask 255.255.255.0 0.0.0.0 IF 24
route add -p 10.8.18.0 mask 255.255.255.0 0.0.0.0 IF 23

24 being the VPN interface number for VPN 1, 23 for VPN 2. See below.

C:\Windows\system32>route print
===========================================================================
Interface List
 24...........................VPN 1
 23...........................VPN 2
 17...da d1 cb e2 2c ad ......Apple Mobile Device Ethernet
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

If I add the routes after connecting to the VPNs then it all works fine but if I disconnect the two VPN connections and then reconnect them in a different order, then the routes are messed up and obviously I can't access the remote networks.

Is there any another way to make the route use a specific interface persistently?


Solution 1:

When multiple VPNs connect in random order, their interface IDs change. Therefor the normal ROUTE -P ADD 10.0.0.0 MASK 255.255.0.0 10.0.0.1 IF 42 does not work. The next time the VPN connects it might have a different interface number.

Powershell has a cmdlet available that adds routes on VPN connection and removes them again when the VPN is disconnected: Add-VpnConnectionRoute. It works without having to specify the interface ID.

The basic syntax is like this:

Add-VpnConnectionRoute -ConnectionName "VPN Connection Name" -DestinationPrefix 10.0.0.0/16

After entering this command, the routes will be created/removed automatically on connection/disconnection of the VPN.

Related

What do the error messages and codes mean when creating and installing Managed Service Accounts?
Missing winsxs from installation media
Running company emails at two different suppliers
How to use procmail to get a message into a variable
How to upgrade OpenSSL on Ubuntu Server 12.04 LTS? (Heartbleed) [duplicate]
Windows Server 2012 R2 Standard located in our DMZ has problems with connection to RoDC
OpenSolaris: What is the Dump device for?
WSUS & GPOS - Force restart and disable choosing updates W12R2
How to create a headless JDK on Ubuntu
:Powershell Register-ClusteredScheduledTask from XML
Yum Update Failing mod_ssl and glibc_devel
Mod_rewrite replace underscores with dashes (or hyphens) in Opencart