Wednesday, September 23, 2009

Automatically Add Default Route for VPN Connection

One common problem that most users face after connecting to a VPN server is routing.
To let VPN users access network resources that are on a different subnet, you need a gateway address that routes the data packets.

We usually clear the "Use default gateway on remote network" check box in the advanced TCP/IP properties when creating the VPN connection. With this setting cleared, the route to the remote subnet has to be added manually.
This becomes a problem when the RRAS server assigns IP addresses dynamically, which means that VPN users get a different IP address each time they connect to the RRAS server!

In Windows you can view the routing table by running the following command from the command line:
Click Start -> Run -> Cmd -> OK

ROUTE PRINT

The following batch script lets network admins provide users with a batch file that automatically sets the route to the corporate network.

You only have to set two variables inside the script. Set ‘NetSubnet’ to the network subnet address and ‘SubnetMask’ to the subnet mask.

:: ************ Method -1 ************ ::
@ECHO OFF
COLOR 8F

SET NetSubnet=172.16.0.0
SET SubnetMask=255.255.0.0

ECHO.
ECHO ###########################################################
ECHO            PLEASE DO NOT CLOSE THIS WINDOW     
ECHO This window will automatically disappear after 10 seconds.
ECHO ###########################################################
ECHO.
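:: Take the first column (the interface index) of the "WAN (PPP/SLIP)" line in the ROUTE PRINT output
FOR /F %%I IN ('ROUTE PRINT ^|FIND "WAN (PPP/SLIP)"') DO SET IFindex=%%I
ECHO Updating Routing Table, please wait....
ECHO.
:: Remove any existing route to the subnet, then add it on the VPN interface
ROUTE DELETE %NetSubnet% >NUL
ROUTE ADD %NetSubnet% MASK %SubnetMask% 0.0.0.0 IF %IFindex%
ROUTE PRINT %NetSubnet%
:: Pinging localhost 10 times serves as a delay of about 10 seconds before the window closes
PING -n 10 -w 1 -l 1 127.0.0.1 >NUL
EXIT /B 0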

:: ************ Method -2 ************ ::

@ECHO OFF
COLOR 8F
SET NetSubnet=172.16.0.0
SET SubnetMask=255.255.0.0
ECHO.
ECHO ###########################################################
ECHO            PLEASE DO NOT CLOSE THIS WINDOW      
ECHO This window will automatically disappear after 10 seconds.
ECHO ###########################################################
ECHO.
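:: Ask WMIC for the IP address bound to the NdisWan (VPN) adapter, in CSV form
SET cWMIC=WMIC NICCONFIG WHERE "ServiceName='NdisWan'" GET IPAddress /FORMAT:CSV
:: Keep the second comma-separated field, braces stripped, from the line that contains a dotted address
FOR /F "tokens=2 delims=,{}" %%i IN (' %cWMIC% ^|FIND "."') DO SET IPAddress=%%i
ECHO Obtained IP address: %IPAddress%
ECHO.
ECHO Updating Routing Table, please wait....
ECHO.
:: Remove any existing route to the subnet, then add it with the VPN-assigned address as gateway
ROUTE DELETE %NetSubnet% >NUL
ROUTE ADD %NetSubnet% MASK %SubnetMask% %IPAddress% METRIC 1
ROUTE PRINT %NetSubnet%
:: Pinging localhost 10 times serves as a delay of about 10 seconds before the window closes
PING -n 10 -w 1 -l 1 127.0.0.1 >NUL
EXIT /B 0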

Optionally, if you want the batch script to dial the VPN connection as well, you can use the following batch script. It dials the VPN connection and sets the route for the remote subnet.

:: ************ Method -1 ************ ::

@ECHO OFF
COLOR 8F
SET NetSubnet=172.16.0.0
SET SubnetMask=255.255.0.0
ECHO.
ECHO ###########################################################
ECHO            PLEASE DO NOT CLOSE THIS WINDOW     
ECHO This window will automatically disappear after 20 seconds.
ECHO ###########################################################
ECHO.
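ECHO Dialing VPN, please wait....
:: Dial the VPN entry with the given user name and password
RASDial ConnectionName MyUsername MyP@ssw0rd
:: Pause about 15 seconds (ping used as a delay) before looking up the interface
PING 127.0.0.1 -n 15 -l 0 -w 0 >NUL
:: Take the first column (the interface index) of the "WAN (PPP/SLIP)" line in the ROUTE PRINT output
FOR /F %%I IN ('ROUTE PRINT ^|FIND "WAN (PPP/SLIP)"') DO SET IFindex=%%I
ECHO.
ECHO Updating Routing Table, please wait....
ECHO.
:: Remove any existing route to the subnet, then add it on the VPN interface
ROUTE DELETE %NetSubnet% >NUL
ROUTE ADD %NetSubnet% MASK %SubnetMask% 0.0.0.0 IF %IFindex%
ROUTE PRINT %NetSubnet%
PING -n 5 -w 1 -l 1 127.0.0.1 >NUL
EXIT /B 0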

:: ************ Method -2 ************ ::
@ECHO OFF
COLOR 8F
SET NetSubnet=172.16.0.0
SET SubnetMask=255.255.0.0
ECHO.
ECHO ###########################################################
ECHO            PLEASE DO NOT CLOSE THIS WINDOW      
ECHO This window will automatically disappear after 20 seconds.
ECHO ###########################################################
ECHO.
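ECHO Dialing VPN, please wait....
:: Dial the VPN entry with the given user name and password
RASDial ConnectionName MyUsername MyP@ssw0rd
ECHO.
ECHO Obtaining IP Address, please wait....
:: Pause about 15 seconds (ping used as a delay) before querying the adapter
PING 127.0.0.1 -n 15 -l 0 -w 0 >NUL
:: Ask WMIC for the IP address bound to the NdisWan (VPN) adapter, in CSV form
SET cWMIC=WMIC NICCONFIG WHERE "ServiceName='NdisWan'" GET IPAddress /FORMAT:CSV
FOR /F "tokens=2 delims=,{}" %%i IN (' %cWMIC% ^|FIND "."') DO SET IPAddress=%%i
ECHO Obtained IP address: %IPAddress%
ECHO.
ECHO Updating Routing Table, please wait....
ECHO.
:: Remove any existing route to the subnet, then add it with the VPN-assigned address as gateway
ROUTE DELETE %NetSubnet% >NUL
ROUTE ADD %NetSubnet% MASK %SubnetMask% %IPAddress% METRIC 1
ROUTE PRINT %NetSubnet%
PING -n 5 -w 1 -l 1 127.0.0.1 >NUL
EXIT /B 0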


In the scripts above, besides setting the ‘NetSubnet’ and ‘SubnetMask’ variables, you also have to supply the required information to the RASDial command.
The RASDial command syntax is:

              RASDial entryname [username [password|*]] [/DOMAIN:domain]

Here 'entryname' is the connection name (shown in image below) that you have created under 'Network Connections' for dialing the VPN connection.
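
The dial scripts above keep the VPN password in the batch file in plain text. The following variant is an added example, not part of the original post: it passes `*` so that RASDial prompts for the password (per the syntax shown above), and it leaves the routing table untouched if dialing fails or the interface index is not found. ConnectionName and MyUsername are the post's placeholders; the ConnName and VpnUser variable names are introduced here.

```batch
@ECHO OFF
SETLOCAL
:: Added example, not from the original post. ConnectionName and MyUsername
:: are the post's placeholders; replace them with your own values.
SET NetSubnet=172.16.0.0
SET SubnetMask=255.255.0.0
SET ConnName=ConnectionName
SET VpnUser=MyUsername

ECHO Dialing VPN, please wait....
:: "*" makes RASDial prompt for the password, so none is stored in this file
RASDIAL "%ConnName%" %VpnUser% *
IF ERRORLEVEL 1 (
    ECHO Dialing failed, routing table left unchanged.
    EXIT /B 1
)

:: Same delay as in the post: pause about 15 seconds before the lookup
PING 127.0.0.1 -n 15 -l 0 -w 0 >NUL

:: Clear any inherited value, then look up the interface index as in Method 1
SET IFindex=
FOR /F %%I IN ('ROUTE PRINT ^|FIND "WAN (PPP/SLIP)"') DO SET IFindex=%%I
IF NOT DEFINED IFindex (
    ECHO VPN interface not found, routing table left unchanged.
    EXIT /B 1
)

ECHO Updating Routing Table, please wait....
ROUTE DELETE %NetSubnet% >NUL 2>&1
ROUTE ADD %NetSubnet% MASK %SubnetMask% 0.0.0.0 IF %IFindex%

:: Confirm the route is really in the table instead of assuming ROUTE ADD worked
ROUTE PRINT %NetSubnet% | FIND "%NetSubnet%" >NUL
IF ERRORLEVEL 1 (
    ECHO Route to %NetSubnet% was not added.
    EXIT /B 1
)
ROUTE PRINT %NetSubnet%
EXIT /B 0
```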


3 comments:

  1. Thanks been looking for a similar script.

  2. i was looking for this from a long time, need some professional paid help too, kindly contact on bipin at xbipin dot com

  3. you are the guy! thank you!
