A computer running Windows 7 connects to the corporate network through a VPN connection. You want to ensure that you can still access the Internet when the VPN is active, but Internet traffic must not be routed through the VPN tunnel. Which configuration change should you make on the VPN connection?

Difficulty: Medium

Correct Answer: Modify the advanced TCP/IP settings of the VPN connection and disable use of the remote default gateway

Explanation:


Introduction / Context:
Virtual Private Network connections often use the remote network as the default route, meaning that all traffic, including Internet traffic, is sent through the VPN tunnel. This improves security but can be inefficient and unnecessary in some scenarios. The question focuses on configuring split tunneling on a Windows 7 VPN client so that only corporate network traffic goes through the VPN, while Internet traffic uses the local gateway.

Given Data / Assumptions:

  • The client computer runs Windows 7.
  • The client connects to the corporate network via a VPN connection.
  • You want Internet access while the VPN is connected.
  • Internet traffic must not use the VPN tunnel as a default route.
  • You are allowed to change settings on the VPN connection.

Concept / Approach:
By default, many VPN connections are configured to use the default gateway of the remote network, which routes all traffic over the VPN. To implement split tunneling, you must change the advanced TCP/IP settings for the VPN adapter. Specifically, you clear the option labeled "Use default gateway on remote network". This allows the default gateway of the local network adapter to carry Internet traffic, while routes added by the VPN are used only for corporate subnets.

Step-by-Step Solution:
Step 1: Open the Network and Sharing Center on the Windows 7 client.
Step 2: View the properties of the VPN connection and then open the properties of the Internet Protocol (TCP/IP) configuration used by the VPN.
Step 3: Click the Advanced button to open advanced TCP/IP settings.
Step 4: In the advanced settings, locate the option named Use default gateway on remote network.
Step 5: Clear or uncheck this option to prevent the VPN from overriding the local default gateway, then save the settings.

Verification / Alternative check:
After applying this change, reconnect the VPN and then run route print or use network diagnostic tools to confirm that a default route still points to the local router, while specific routes exist for corporate subnets through the VPN interface. Test by browsing to an Internet site and then by accessing an internal corporate resource. Both should work, with Internet traffic going directly out through the local network and intranet traffic using the VPN tunnel.
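
The route check described above can be automated. This is an added example, not part of the original explanation: Python that parses saved route print output and reports which interface holds the preferred default route and which subnets are bound to the VPN adapter. The two sample tables and every address in them are constructed, and the VPN adapter address (10.8.0.23 here) is an assumption you would replace with the one shown by ipconfig.

```python
import re

# One IPv4 row of `route print`: destination, netmask, gateway, interface, metric.
ROW = re.compile(r"^[ \t]*(\d+(?:\.\d+){3})[ \t]+(\d+(?:\.\d+){3})[ \t]+(\S+)"
                 r"[ \t]+(\d+(?:\.\d+){3})[ \t]+(\d+)[ \t]*$", re.M)

HEADER = "Network Destination        Netmask          Gateway       Interface  Metric\n"
# Constructed samples (addresses invented): 192.168.1.50 is the LAN adapter,
# 10.8.0.23 is the address assumed to be assigned to the VPN adapter.
SPLIT = HEADER + """\
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
         10.0.0.0        255.0.0.0         On-link       10.8.0.23     26
        10.8.0.23  255.255.255.255         On-link       10.8.0.23    281
      192.168.1.0    255.255.255.0         On-link    192.168.1.50    281
        224.0.0.0        240.0.0.0         On-link       10.8.0.23    281
"""
FULL = HEADER + """\
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50   4250
          0.0.0.0          0.0.0.0         On-link       10.8.0.23     26
        10.8.0.23  255.255.255.255         On-link       10.8.0.23    281
      192.168.1.0    255.255.255.0         On-link    192.168.1.50    281
        224.0.0.0        240.0.0.0         On-link       10.8.0.23    281
"""

def audit(route_print_text, vpn_ip):
    """Report whether Internet-bound traffic would enter the VPN tunnel."""
    rows = [(d, m, gw, ifc, int(metric))
            for d, m, gw, ifc, metric in ROW.findall(route_print_text)]
    # Among 0.0.0.0/0 routes the lowest metric is the one actually used.
    defaults = sorted((r for r in rows if r[0] == r[1] == "0.0.0.0"),
                      key=lambda r: r[4])
    preferred = defaults[0][3] if defaults else None
    # Subnet routes on the VPN adapter; skip defaults, /32 host rows and multicast.
    vpn_subnets = [f"{d}/{m}" for d, m, _, ifc, _ in rows
                   if ifc == vpn_ip and d != "224.0.0.0"
                   and m not in ("0.0.0.0", "255.255.255.255")]
    return {"preferred_default_iface": preferred,
            "internet_via_vpn": preferred == vpn_ip,
            "vpn_subnets": vpn_subnets}

if __name__ == "__main__":
    for name, text in (("option cleared", SPLIT), ("option enabled", FULL)):
        print(name, audit(text, "10.8.0.23"))
```

A result with internet_via_vpn set to False and a non-empty vpn_subnets list matches the outcome the verification step expects; an empty vpn_subnets list means internal resources will not be reachable through the tunnel.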

Why Other Options Are Wrong:
Option A, changing the DNS server, does not control how traffic is routed; it only affects name resolution. Option B, setting a static IP and gateway, addresses local networking but does not fix the VPN default route behavior. Option C, modifying security settings, might affect encryption or authentication but not routing. Only option D directly addresses the advanced TCP/IP setting on the VPN connection that determines whether the remote default gateway is used for all traffic.

Common Pitfalls:
Many users assume that simply connecting to a VPN will always allow Internet access in parallel, not realizing that the default gateway may be redirected to the remote network. Others may attempt to fix the problem by manually editing local routes without understanding the VPN configuration. The clear and supported method in Windows is to configure advanced TCP/IP properties of the VPN and disable the use of the remote default gateway when split tunneling is desired and permitted by policy.

Final Answer:
You should modify the advanced TCP/IP settings of the VPN connection and disable the option to use the remote default gateway.
