Windows 10 is a great Operating System, with loads of new features, like PowerShell v5 🙂
However, when working with VPN connections, you might notice some strange behaviours, like:
- Unable to modify the TCP/IPv4 properties of the VPN connection. You can click on the button, but nothing will happen…
- When you try to resolve an internal hostname or FQDN, it cannot be resolved because the DNS server specified in the VPN connection is not being used. Instead, the DNS server specified on your primary LAN or WiFi connection is being used. This is easy to check with nslookup when connected to VPN.
The issue seems to be caused by the priority (metric) of your network connections: the VPN connection should always get the lowest metric, which results in the highest priority. However, you cannot change the metric of your VPN connection permanently. Every time you disconnect and then reconnect, the default metric will be back. Therefore, we will change the metrics of the physical connections using PowerShell.
First, connect to your VPN connection as you would normally and start a PowerShell session as Administrator.
Next, check your current metric with the following PowerShell command:
Get-NetIPInterface | Sort-Object InterfaceMetric
Make a note of all interfaces that have a lower metric than your VPN connection.
Change these interfaces to a higher metric using the following command:
Set-NetIPInterface -InterfaceIndex <indexnumber> -InterfaceMetric <metric>
For example, my VPN connection gets a metric of 10 by default, so I’ve set the metric of my WiFi and Ethernet connection to 15 using the above command.
After doing this, you will notice that nslookup will now use the DNS server specified on the VPN adapter again and therefore, will be able to resolve internal DNS records once again. Hooray!
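The steps above combined into one script, as an added example that is not part of the original post. It assumes the VPN connection is named 'My VPN' (a hypothetical name, replace it with your own), handles IPv4 only, and also raises interfaces whose metric is equal to the VPN's, not just lower.

```powershell
#Requires -RunAsAdministrator
# Added example. $VpnAlias and $Margin are assumptions; set $VpnAlias to the name
# of your own VPN connection as listed by Get-NetIPInterface.
$VpnAlias = 'My VPN'   # hypothetical connection name
$Margin   = 5          # other interfaces are placed this far above the VPN metric

# The VPN has to be connected, otherwise its interface is not in the Connected state.
$vpn = Get-NetIPInterface -InterfaceAlias $VpnAlias -AddressFamily IPv4 -ErrorAction Stop |
    Where-Object ConnectionState -eq 'Connected'
if (-not $vpn) { throw "VPN interface '$VpnAlias' is not connected." }

# Connected IPv4 interfaces that currently outrank (or tie with) the VPN,
# leaving out the VPN itself and the loopback interface.
$competing = Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object {
        $_.ConnectionState -eq 'Connected' -and
        $_.InterfaceIndex  -ne $vpn.InterfaceIndex -and
        $_.InterfaceAlias  -notlike 'Loopback*' -and
        $_.InterfaceMetric -le $vpn.InterfaceMetric
    }

foreach ($nic in $competing) {
    $newMetric = $vpn.InterfaceMetric + $Margin
    Write-Host "$($nic.InterfaceAlias): metric $($nic.InterfaceMetric) -> $newMetric"
    Set-NetIPInterface -InterfaceIndex $nic.InterfaceIndex -AddressFamily IPv4 `
        -InterfaceMetric $newMetric
}

# Result: connected interfaces in priority order, with the DNS servers each one carries.
# The VPN adapter and its DNS servers should now be on the first row.
Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object ConnectionState -eq 'Connected' |
    Sort-Object InterfaceMetric |
    Select-Object InterfaceAlias, InterfaceIndex, InterfaceMetric,
        @{ Name = 'DnsServers'; Expression = {
            (Get-DnsClientServerAddress -InterfaceIndex $_.InterfaceIndex `
                -AddressFamily IPv4).ServerAddresses -join ', ' } }
```

If the VPN adapter is still not on the first row after running it, internal names are still being sent to the DNS server of the LAN or WiFi connection.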
Hopefully, this will be fixed in a future update of Windows 10.