Windows Server 2008 and VPN on Home Network

Hi all,

I have Windows Server 2008 loaded on to a machine at home and was trying to get it setup to allow VPN connections remotely.
I have a vanilla install of Windows Server 2008 and I created a few users and installed the Remote Access Role.

1x Wireless router (with VPN port forwarding pointing to the server's IP)
1x Home PC (running Vista 64bit SP1)
2x Laptop (both running Vista 32bit SP1)

I have been able to connect through the VPN on the home pc and one laptop(not on the home network) but I keep getting limited connectivity on both VPN connections (1 internal network and 1 external network).

The other laptop cannot establish any connection to the VPN at all

1. Does anyone know what I could do to fix the limited connectivity problem?
2. Any ideas about the laptop that cannot establish any VPN connection at all?

Router settings:
Subnet Mask:
DHCP: <->
Primary DNS (Router):
Windows 2008 Server IP: (static)
Other machine on home network:

Any help would really be appreciated.

Thanks in advance
Who is Participating?
MrJemsonConnect With a Mentor Commented:
Sorry Seany84, I must have missed your reply there.

The add/delete route command is run on the client once the connection is made.

If it is yourself and 1 or 2 other developers, It would be easiest to just create the .bat file on your computer and the other developers computer. This way you will use your own internet connection, and only the VPN subnet will be routed across the VPN.

Open a new notepad file, type:

route delete mask <LOCAL VPN IP>
route add <VPN SUBNET> mask <VPN MASK> <LOCAL VPN IP>

Go to File -> Save As
Select 'All File Types'
Call it 'VPN.bat' or something and save on desktop
Run whenever you connect to the VPN.

This will work no matter where the client connects from.
In your routing and remote access, you need to add a DHCP Relay Agent.

This is found under ServerName, IPv4, DHCP Relay Agent
Seany84Author Commented:
I have added the IP address of the router in the DHCP relay agent on the server (

I have been unable to test this VPN remotely today, however,

I am still having the problem of no internet connectivity once I VPN from my home machine into the server via the wireless router. I can VPN although as I said I still have no internet connectivity.

I will reply tomorrow as I will be able to test the VPN remotely then.

Any suggestions for resolving this loss of internet connectivity once the VPN is established?

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Basically when the VPN comes up, it sets the VPN endpoint as the default gateway.

This can be overcome in a couple of ways.

You can either leave it as is, and turn on LAN Routing on the Server, and use the Server sides internet gateway.


You can change your routes manually.

To do this, open up a command prompt.

Type 'route print'

You should see two destination networks as

Type 'route delete mask <LOCAL VPN IP>'
Then 'route add <VPN SUBNET> mask <VPN MASK> <LOCAL VPN IP>'

You can also automate the above in a bat file for easy implementation.
Seany84Author Commented:
Thanks again for the reply MrJemson.

Before I make one of the changes you recommended above can I ask:
Will either of these solutions work for both VPN on the home network & when someone is connected externally? Which one would you recommend using? Max number of developers on the network will be myself + 1/2 others.

Also, the second approach you mentioned using the ROUTE ADD/DELETE commands.. Are they run from the server's command prompt or the connecting client's?
Seany84Author Commented:
this question is still awaiting a correct answer.

Seany84Author Commented:
Thanks for the info but I am just a little unsure about some of the IP's you mentioned. i.e. <VPN SUBNET> and <VPN MASK>
From the attached code snippet I presume that <LOCAL VPN IP> is so what values should I use for the VPN SUBNET and MASK?
Thanks for the help.
The VPN connection listed below is from an external network.

PPP adapter VPN Home External:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VPN Home External
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wireless Network Connection:
   Description . . . . . . . . . . . : Atheros AR5006EX Wireless Network Adapt
   Physical Address. . . . . . . . . : 00-1B-9E-DD-F2-8A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c085:d319:c85c:6aa8%11(Preferred)
   IPv4 Address. . . . . . . . . . . :
   Subnet Mask . . . . . . . . . . . :
   Lease Obtained. . . . . . . . . . : 03 September 2008 23:38:58
   Lease Expires . . . . . . . . . . : 04 September 2008 23:38:58
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . :
   DNS Servers . . . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Enabled

Open in new window

No problem. Would be as follows:

route delete mask
route add mask
Seany84Author Commented:

I won't be able to test this until next Monday.
I will give you the points/feedback then.

Seany84Author Commented:
I still have not been able to get this to work :(
I have noticed that on the Windows Server 2008 management console that the IP(static) is, which is what I set it to.
When I view the ethernet connection details with ipconfig /all it tells me that the lan IP is (which is inside the DHCP range).
Should I be looking at getting another router at this point?
You router would not be the issue.
You should have two interfaces listed in the ipconfig.
You should have your statically assigned IP, and also an IP on a PPP adapter within your DHCP range.

So the route remove/add did not work?
Did you substitute the correct IP address into the command?
Seany84Author Commented:
It's working! :)
I hold my hand up for this one.. Prior to getting it working I was attempting to run the 'route' command while the VPN was connected..
I just ran the 'route' add/delete commands and then connected to the VPN. As you can see I still have internet connectivity.
Thanks a million for the assistance.
On a side note:
As part of the original post I mentioned I had another developer attempting to connect via VPN to this network. He still cannot connect at all.

I gave him my external IP address and as soon as he tries to connect he is prompted straight away with an error message saying a connection could not be established.
I have eliminated the possibility of the hardware firewall/anti-virus blocking this connection on his end.
Would you have any ideas what might be causing this connection to fail? I am fairly sure it is on his end because as soon as he attempts to connect he is shown the error message instantaneously.
Seany84Author Commented:
Thanks for the assistance. Now I can finally get some development done :)
I have another question I hope you could help with as part of the original post..
Thanks again
Correct Username and Password?
Is there a rule in the remote firewall only allowing connection from certain IP ranges?
Seany84Author Commented:
He definitely has the correct username/password as I have tried it myself.
I got him to turn off both his Windows firewall and his security suite firewall while we tried to establish a connection.
Sorry, I meant the firewall at the server end?
Seany84Author Commented:
I have checked the server's firewall and it is set to allow RRAS.
There is no other firewall between the server and the remote VPN user.
I have some bad info to report on the VPN connection at home.
After being connected to the VPN locally, after 5-10mins I still lose internet connectivity. Internet connectivity can be regained by disconnecting the VPN connection.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.