Created
May 13, 2020 12:02
-
-
Save 01000101/aa4712fda1f5237e249e09408ad64442 to your computer and use it in GitHub Desktop.
PowerShell script to remove unwanted "full tunnel" Palo Alto GlobalProtect VPN routes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description name of the GlobalProtect interface | |
| $gp_iface = "PANGP Virtual Ethernet Adapter" | |
| # Routes to remove from the GlobalProtect interface | |
| $bad_routes = @( | |
| '0.0.0.0/0', | |
| '10.1.10.0/24', | |
| '10.1.10.255/32', | |
| '172.16.100.0/24', | |
| '192.168.1.0/24') | |
| # How many loops used to remove routes. | |
| # GlobalProtect will re-add routes if this value is too low. | |
| $loop_count = 5 | |
| # Sleep time per loop, in seconds (decimal) | |
| $sleep_time = 1 | |
| Write-Output "Finding GlobalProtect interface index..." | |
| $gp_idx = (Get-NetAdapter -InterfaceDescription $gp_iface).IfIndex | |
| Write-Output "GlobalProtect interface index: $gp_idx" | |
| Write-Output "Dumping GlobalProtect routes..." | |
| Get-NetRoute -InterfaceIndex $gp_idx | |
| Write-Output "Removing bad routes..." | |
| For ($i = 0; $i -le $loop_count; $i++ ) { | |
| foreach ($route in $bad_routes ) { | |
| try { | |
| Remove-NetRoute -DestinationPrefix $route -InterfaceIndex $gp_idx -Confirm:$false -ErrorAction Stop | |
| Write-Output "+ Deleted route: $route" | |
| } | |
| catch { } | |
| } | |
| Start-Sleep -Seconds $sleep_time | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I found this incredibly useful for fixing the routing when GlobalProtect takes over my Docker networks. What was the impetus for the script and did you ever find out why GlobalProtect is so ham-fisted? (I'd love to not need the script any longer)