I want to use L2TP/IPsec to connect a Windows 10 client over the internet to a Windows 2019 server. After connecting, the client should still be able to browse the internet. The client needs access to the server's disks (drive mappings) and to a service running on a port.
So I've set up the VPN according to the documentation (and help sites, in order to access the server behind a NAT router) and the connection is fine. The client is able to connect and access the desired server resources, but has no more internet access.
I found a help article suggesting to disable the 'use default router' check box on the client's VPN interface and to add a route using 'route -p add 10.11.0.0 mask 10.11.0.0' (where 10.11.0.0 is the first address of the configured VPN address range on the server). Doing this enabled the client to access the internet, but network drives couldn't be mapped any more.
I found out that opening incoming UDP 139 on the Windows Firewall on the client machine makes it run. Now I can connect and map network drives and browse the internet, but I can't address the service on the server anymore, as the server has the IP address 192.168.1.40 and that is searched (and not found) on the local network now.
So what changes can I apply to get the desired results? I guess I could address the destination network router IP and forward the service port to the server. But that traffic wouldn't go through the secure VPN tunnel, which I want.
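As an added illustration of the split-tunnel configuration the post is working toward (not code from the original post), the following PowerShell, run on the Windows 10 client, keeps the local default gateway and routes only the remote networks through the tunnel. The connection name "OfficeVPN", the remote LAN prefix 192.168.1.0/24 (the post only names the host 192.168.1.40) and the VPN pool prefix 10.11.0.0/24 are assumptions.

```powershell
# Added example, not from the original post. Assumptions: VPN connection named
# "OfficeVPN" (placeholder), server LAN 192.168.1.0/24, VPN address pool 10.11.0.0/24.
$vpn = "OfficeVPN"

# Keep the local default gateway so Internet traffic bypasses the tunnel.
# This is the PowerShell equivalent of clearing "Use default gateway on remote network".
Set-VpnConnection -Name $vpn -SplitTunneling $true

# Send only the remote LAN and the VPN pool through the tunnel. These routes are
# applied each time the connection comes up, so no persistent 'route -p add' is needed.
Add-VpnConnectionRoute -ConnectionName $vpn -DestinationPrefix "192.168.1.0/24" -PassThru
Add-VpnConnectionRoute -ConnectionName $vpn -DestinationPrefix "10.11.0.0/24"  -PassThru

# Verify after connecting: both prefixes should be bound to the VPN interface, while
# the 0.0.0.0/0 route still points at the local LAN adapter.
Get-NetRoute -DestinationPrefix "192.168.1.0/24", "10.11.0.0/24", "0.0.0.0/0" |
    Select-Object DestinationPrefix, NextHop, InterfaceAlias, RouteMetric
```

With a route for the server's LAN prefix in place, traffic to 192.168.1.40 stays inside the IPsec tunnel, so no service port has to be exposed on the destination router.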