cant reach VPN client from server end using RRAS on Windows server 2003

I have one server that is running RRAS I am using it as a VPN server. I have another server that is my dhcp server, dns server and domain controler. I have the vpn setup and when a VPN client is conected I can ping the client from the VPN server but i cannot ping the VPN client from the other servers or pc's on the network. I need to be able to do this. I no that on the dial up tab of the user there is an option to specify static routes. There is also a place to specify static routes in RRAS. Im not even sure if this is what I need to do but if it is how do I go about it? if it is not, how can I get the other pc's on the lan to be able to comunicate with the VPN Client.
Who is Participating?
Rob WilliamsConnect With a Mentor Commented:
dustinwk, played with this a bit and re-reading we need to add some routes but I need to confirm the configuration.
Do both the RRAS server and the other (DNS, DHCP etc) have a single network card, or do either have 2.
What are all the subnets for server's, client PC's and, VPN clients. If all the same still need a route, but let me know.
If they are all the same subnet, and a single network adapter, best to put the route on the router. What make and model is that (at the server site)
Rob WilliamsCommented:
-First problem is; does the VPN client have a static address ? Though this is not necessary to ping, but in the long term if other machines/servers need to connect, they will need to do so.
If you want to assign a VPN client a static IP you can do so under the dial-in tab of the user's profile in Active Directory.
-Are your VPN clients assigned an IP in a different subnet than the local network for the servers? if so you ether need to change the Static address pool in RRAS to be the same subnet, or add a route to the servers, to locate the VPN client, which is why you need the static address above. As an example, assume the server network uses 192.168.100.x, the RRAS server's IP is, and the VPN clients use 192.168.200.x then add to the other servers:
route  -p  add  mask
to remove the route
route delete
dustinwkAuthor Commented:
hey rob, this is somewhat the same issue ive been having I have not been able to get an answer but I have gone through several things and thus the new post.

Yes I have set up the clients dial-up tab to include a stattic address and yes they are on the same subnet. again I have no problem comunicating with the client from the VPN server. I have all the ports open up on the clent side firewalls and such. But the other pc's on the network do not see the static address assigned by RRAS as valid is there away to make them see it or route it for such.
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Rob WilliamsCommented:
Hi dustinwk. Sorry I missed you reply here somehow. Also didn't notice earlier that we have been working on this same issue before. To bad there have been no other replies for additional input. Glad to stay on it though.

We have been through most of options I am familiar with, but I am very interested in some of the issues you are dealing with. Tonight or in the morning I will try to simulate this, and the DHCP relay configurations, on some virtual machines and get back to you. I was able to do something similar to what you are doing here by adding a route on the client and on the server, but it was not exactly the same situation, so I'll test further and report back.
dustinwkAuthor Commented:
thanks for the help rob but i gave up on this one
Rob WilliamsCommented:
OK. Thanks dustinwk.
Cheers !
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.