Application scenario: Many enterprises now use VPN to connect resources that may be needed by the company's internal network when working outside, which not only ensures the security of the company's resources, but also prevents external intrusion, including Alibaba Cloud, Tencent Cloud, Sina Cloud When deploying cluster business, domestic mainframe vendors will also use their own access to the ECS through vpn, so they will encounter a very embarrassing problem. After connecting to the VPN, they find that their local network cannot be accessed. If the VPN does not bring the Internet, it is equivalent to that the computer cannot access the Internet during the connection. To solve this problem, you must manually add routing.
What is VPN?
The function of virtual private network is to establish a private network on the public network for encrypted communication. It is widely used in enterprise networks. VPN gateway realizes remote access by encrypting data packets and converting the destination address of data packets. VPN can be classified in many ways, mainly by protocol. VPN can be realized through servers, hardware, software and other ways.
Principle:
When the client connects to the vpn, it will take the vpn route to the ECS intranet segment, so it cannot access local intranet resources. This test is because the campus network connected to Alibaba Cloud by using the campus network of colleges and universities can not access campus resources, so Baidu has solved the same problem for reference( Small advertisement: you can exchange the university campus network authentication network bypass, comment and leave a message )
terms of settlement:
1) Open DOS window, Start menu - Run (run as administrator) - Enter route print View the current route
2) Then Connect vpn, Check the route again and find that the default route has changed
3) Add the route that needs to access the local network segment. The command format is as follows:
Route add - p target network segment MASK target network segment subnet mask next hop gateway METRIC metric
-PParameter: permanently add a route without setting it every time you start up
Target network segment: e.g. 192.168.1.0
Subnet mask: such as 255.255.255.0
Next gateway: VPN not connected Open DOS Input command ipconfig/all It can be viewed, such as 192.168.1.254
Metric: Negligible parameter. The smaller the number, the higher the priority
For example, a complete command:
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3
4) After entering the command, press Enter to prompt that the command is completed successfully, and then use route print Check that there is an additional record in the permanent route.
5) The above can be settled.
Reference link:
https://blog.csdn.net/u013221557/article/details/78681403
https://blog.csdn.net/miaoniuye/article/details/80049425
http://service.tp-link.com.cn/detail_article_414.html
