How to Force Windows to Use the Correct Default Gateway

Many of us will end up using our home PCs to not only connect out to the internet, but also to connect to our home labs. You may be using an Ethernet connection out to the internet and a wireless connection to your home lab, or vice versa. The following diagram is an example of such a set up.

The issue here is that if you are trying to connect to the home lab via telnet,ssh or remote into a server your connection will most likely fail. You may notice that you can connect to the lab's wireless access point and it's gateway at but beyond that you get nothing. Some simple commands and a little exploring can shed some light on this issue. First let's open up an elevated command prompt. (Right click Command Prompt and click Run As Administrator)

Notice Ping failure and wrong default gateway on tracert.
Here we see that we cannot reach the AAA server when we ping Next we run a tracert command. Notice that the PC has chosen to send to the wrong default gateway of (or out towards the internet). Since your home internet router is likely unaware of how to reach the network this will result in a connection failure.

Ping to wireless gateway is successful
Next let's try a ping which is the default gateway of the lab wireless access point we are connected to. Notice that this time it is successful. This is because the IP that we are pinging is on the same network as the wireless adapter on our PC. Anything beyond this network and the PC will always use the wired gateway (, causing a failure. So how do we get around this problem?

Add a route to Windows
Simple. We need to tell windows where to send traffic destined for a specific network by adding to the static route to the Route Table. Type command route add -p mask in the command prompt. This command tells our computer that anything destined for the network, send it to the wireless gateway of (which we know our PC can reach).  Next we verify the route.

Verify the added route.
Now just type route PRINT -4 into the command prompt. This tells the PC to show the current IPv4 routes it has in its table. The -p in the command allows the route to be a Persistaent Route meaning it will still be there after the computer is rebooted. Most likely you will want this. With -p the route will be stored in the registry key at:


If for any reason you need to remove this route just use the command route remove -p mask

There we have it! We can now successfully connect to the AAA server in our home lab. As an added bonus, because we added the route to our PC's route table, now we can reach any IP in the lab that begins with 10.x.x.x! Hope this helps!

No comments:

Post a Comment