我们的工作 DNS 包含某些网站(例如 facebook.com)的条目,该条目路由到公司网站(有效地阻止了这些网站)。
当我从家里连接到 VPN 时,我无法访问这些网站。我已检查 VPN 设置,IPv4 和 IPv6 均设置为自动获取 DNS,并且已Use default gateway on remote network取消选中。
我的理解是,这应该足够了,因为我实际上并没有在 VPN 端使用 DNS - 我必须在连接到 VPN 时向我的机器添加路由,以便我可以通过 IP 访问服务器(名称对我来说不起作用)。
我还需要做些什么来确保我的网络流量不会通过 VPN 连接/DNS 服务器吗?
路线添加批处理文件
IPCONFIG |FIND "192.168.2" > %temp%\TEMPIP.txt
FOR /F "tokens=2 delims=:" %%a in (%temp%\TEMPIP.txt) do set IP=%%a
del %temp%\TEMPIP.txt
set IP=%IP:~1%
route add 192.168.4.0 mask 255.255.255.0 %IP%
route add 192.168.5.0 mask 255.255.255.0 %IP%
route add 192.168.2.0 mask 255.255.255.0 %IP%
route add 192.168.15.0 mask 255.255.255.0 %IP%
route add 10.4.0.0 mask 255.255.255.0 %IP%
Pause
路由表
===========================================================================
Interface List
32...........................Work VPN
16...00 26 83 32 3f c5 ......Bluetooth Device (Personal Area Network)
10...54 04 a6 49 3b 5e ......Intel(R) 82579V Gigabit Network Connection
18...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
19...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
22...08 00 27 00 4c c0 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.67 10
10.4.0.0 255.255.255.0 On-link 192.168.2.219 11
10.4.0.255 255.255.255.255 On-link 192.168.2.219 266
97.67.171.34 255.255.255.255 192.168.1.254 192.168.1.67 11
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.67 266
192.168.1.67 255.255.255.255 On-link 192.168.1.67 266
192.168.1.255 255.255.255.255 On-link 192.168.1.67 266
192.168.2.0 255.255.255.0 192.168.2.215 192.168.2.219 11
192.168.2.219 255.255.255.255 On-link 192.168.2.219 266
192.168.4.0 255.255.255.0 On-link 192.168.2.219 11
192.168.4.255 255.255.255.255 On-link 192.168.2.219 266
192.168.5.0 255.255.255.0 On-link 192.168.5.1 276
192.168.5.0 255.255.255.0 On-link 192.168.2.219 11
192.168.5.1 255.255.255.255 On-link 192.168.5.1 276
192.168.5.255 255.255.255.255 On-link 192.168.5.1 276
192.168.5.255 255.255.255.255 On-link 192.168.2.219 266
192.168.15.0 255.255.255.0 On-link 192.168.2.219 11
192.168.15.255 255.255.255.255 On-link 192.168.2.219 266
192.168.44.0 255.255.255.0 On-link 192.168.44.1 276
192.168.44.1 255.255.255.255 On-link 192.168.44.1 276
192.168.44.255 255.255.255.255 On-link 192.168.44.1 276
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.67 266
224.0.0.0 240.0.0.0 On-link 192.168.44.1 276
224.0.0.0 240.0.0.0 On-link 192.168.5.1 276
224.0.0.0 240.0.0.0 On-link 192.168.2.219 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.67 266
255.255.255.255 255.255.255.255 On-link 192.168.44.1 276
255.255.255.255 255.255.255.255 On-link 192.168.5.1 276
255.255.255.255 255.255.255.255 On-link 192.168.2.219 266
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
22 276 fe80::/64 On-link
10 266 fe80::/64 On-link
18 276 fe80::/64 On-link
19 276 fe80::/64 On-link
10 266 fe80::1952:caa2:ca98:7c84/128
On-link
22 276 fe80::6857:2bce:d4bb:a70a/128
On-link
18 276 fe80::689d:f649:498a:6fe9/128
On-link
19 276 fe80::9947:d298:f006:7a0c/128
On-link
1 306 ff00::/8 On-link
22 276 ff00::/8 On-link
10 266 ff00::/8 On-link
18 276 ff00::/8 On-link
19 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
答案1
您的路由表看起来很好,所以正在发生的情况是工作中的 pptp 服务器正在将 DNS 服务器的选择推送到您的机器。
你应该确保我的 VPN 类型设置为 PPTP,而不是自动,网络选项卡上未勾选 IPV6,并且使用以下 DNS是不是设置为 VPN 的端点 DNS(即办公室的 DNS),但设置为某些已知的 DNS 集。
如果您没有一组喜欢的 DNS,那么 Google 的 DNS(8.8.4.4 和 8.8.8.8)就足够了。输入这些。
编辑:
经过再三考虑,我意识到我的回答太简洁了,所以我们就开始吧。
要查看您当前的 DNS 组,
netsh interface ipv4 show dnsservers
会出现这样几行:
Configuration for interface "Your_VPN"
Statically Configured DNS Servers: aa.bb.cc.dd
ee.ff.gg.hh
Configuration for interface "Local Network Connection"
DNS servers configured through DHCP: 192.168.1.1
192.168.1.2
您可以通过以下方式清除 VPN 的 DNS:
netsh interface ipv4 delete dnsservers name="Your_VPN_Interface_Name" address=all validate=no
您的 VPN 接口名称应该是点对点0,但你最好检查一下。
最后,此命令添加您的 VPN DNS,以防您需要它们来解析远程 LAN 上的主机名,但它将它们放在后座与您本地网络的 DNS 相对应,这样只有当本地 DNS 发生故障时才会调用它们(IE(对于远程 LAN):
netsh interface ipv4 add dnsservers name="<Interface Name>" address=<Non-VPN DNS server> index=1 validate=no
注意:此命令应该不是在前一个之后使用,但反而这样,您就不会删除您的 VPN DNS,只是将它们降级为备份角色。