Split Tunnel VPN does not route TCP traffic with release 21H2

Hi all, hoping someone can assist.

We use an L2TP Split Tunnel VPN terminated at a Cisco Meraki Router.

We deploy the VPN with a PowerShell script which adds the VPN and a couple of routes using the Add-VPNConnectionRoute command.

We have used this configuration for several years without problem.

 

The last several clients we have tried to deploy we have found that they are unable to use the VPN.

On further troubleshooting it appears that only TCP traffic is affected.

I.e., we can ping the desired server across the VPN fine.

We can also use nslookup to communicate with the servers fine (UDP traffic).

But any TCP connection (file services, ODBC connection, etc.) times out with no response.

 

If we edit the VPN to be a full tunnel by enabling the "Use default gateway..." option in the VPN adapter and re-connect the connection works fine.

 

At a loss where to proceed here; have been looking for other users with the same issue but have not found any.

3 Replies
Did you ever work this out? We're experiencing the same issues.

@JamesBuh 

 

Having the same issue right now while deploying around 120 new clients. Interestingly enough, it only affects those that were deployed in our customer's office and not our office.

 

Using Wireshark you can really see that everything works except TCP traffic. 

 

Update: Using Wireshark and Procmon I was able to determine that the Dell Optimizer was the culprit.

@JamesBuh Apologies all, I did work this out, neglected to update this post.

The problem was caused by the Dell Optimiser SW that came pre-installed on our laptops, but it only affected users that did NOT have local administrator rights. Uninstalling the SW fixed the issue for all our endpoints.
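
The symptom pattern described in this thread (ping and DNS work across the split tunnel, TCP connections time out) can be checked per protocol with the PowerShell below. It is an added example, not code from any of the posters; the connection name, addresses, host name, ports and the DisplayName pattern are all placeholder assumptions.

```powershell
# Added example. Every value in this block is a placeholder (assumption).
$VpnName   = 'Corp-L2TP'                 # hypothetical VPN connection name
$Server    = '10.0.10.5'                 # hypothetical server behind the VPN
$DnsServer = '10.0.10.2'                 # hypothetical internal DNS server
$DnsName   = 'fileserver.corp.example'   # hypothetical internal host name
$TcpPorts  = 445, 1433                   # assumed: SMB and a SQL Server/ODBC port

# 1. Confirm the connection is up and configured as split tunnel.
$vpn = Get-VpnConnection -Name $VpnName
"VPN '{0}': status={1}, split tunnel={2}" -f $vpn.Name, $vpn.ConnectionStatus, $vpn.SplitTunneling

# 2. Show which local interface the routing table selects for the server.
$src = Find-NetRoute -RemoteIPAddress $Server | Select-Object -First 1
"Traffic to {0} leaves via '{1}' from {2}" -f $Server, $src.InterfaceAlias, $src.IPAddress

# 3. Probe each protocol separately so a TCP-only failure stands out.
$results = @(
    [pscustomobject]@{ Test = 'ICMP echo'
                       Ok   = [bool](Test-Connection -ComputerName $Server -Count 2 -Quiet) }
    [pscustomobject]@{ Test = 'DNS query'
                       Ok   = [bool](Resolve-DnsName -Name $DnsName -Server $DnsServer -DnsOnly -ErrorAction SilentlyContinue) }
)
foreach ($port in $TcpPorts) {
    $t = Test-NetConnection -ComputerName $Server -Port $port -WarningAction SilentlyContinue
    $results += [pscustomobject]@{ Test = "TCP $port"; Ok = $t.TcpTestSucceeded }
}
$results | Format-Table -AutoSize | Out-String

# 4. Report the pattern from the thread: ICMP and DNS succeed, every TCP connect fails.
$tcp   = @($results | Where-Object { $_.Test -like 'TCP*' })
$other = @($results | Where-Object { $_.Test -notlike 'TCP*' })
if (-not ($other.Ok -contains $false) -and -not ($tcp.Ok -contains $true)) {
    'TCP-only failure over the split tunnel: look for local software filtering TCP.'
    # 5. List installed software matching the product named in the thread.
    #    The DisplayName pattern is an assumption; adjust it to what your image ships.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Dell Optimizer*' } |
        Select-Object DisplayName, DisplayVersion
}
```

Run it in the affected user's session with the VPN connected, since the last reply reports that only accounts without local administrator rights were affected.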