RRAS not giving DHCP addresses via PPTP VPN

Posted on 2009-02-10
Last Modified: 2012-05-06
Hi all,

I've got a SBS 2003 server that's started giving me problems recently.  I can connect via PPTP VPN but always get a self-assigned address (169.x.x.x) until I restart RRAS from within the RRAS console.  This started happening 1-2 weeks ago.

A few quick googles didn't yield much but did help me realise that something strange is going on - two processes are running on port 67 (DHCP) on the server (see below).

After I restart RRAS, the SVCHOST PID changes but still is running on port 67 concurrently with DHCP.  Despite two processes listening on port 67, RRAS now gives PPTP clients a valid IP (10.x.x.x)

Any ideas on the cause and fix?


netstat output:


Active Connections

  Proto  Local Address          Foreign Address        State           PID

  UDP            *:*                                    1612

  UDP            *:*                                    7272


Tasklist output:


Image Name                     PID Services                                    

========================= ======== ============================================

svchost.exe                   1612 AeLookupSvc, BITS, Browser, CryptSvc,       

                                   dmserver, EventSystem, helpsvc,             

                                   lanmanserver, lanmanworkstation, Messenger, 

                                   Netman, Nla, RasMan, RemoteAccess,          

                                   Schedule, seclogon, SENS, ShellHWDetection, 

                                   winmgmt, wuauserv

Open in new window

Question by:Vires_PtyLtd
    LVL 51

    Expert Comment

    Are you running WDS on this server also?

    You may want to check DHCP leases next time you encounter this problem - see if the scope is exhausted or there are 10 RRAS leases already.

    Normally, RRAS reserves 10 IPs at a time from DHCP for use with the clients that RAS in, when that pool gets near it's capacity, then RRAS will request another block of 10 IPs.  I think you may have a pool exhaustion happening.

    LVL 1

    Author Comment

    After a month, the problem finally came back so I could look at things while they were messed up.

    It only seems to happen after the server restarts.

    A few other symptoms:
    *  In DHCP, there are no RAS reservations - whether things are working or not.  This is the first SBS server I've seen with a DHCP Relay Agent configuration. (In RRAS, under IP routing there is General, Static Routing, and DHCP routing entries).

    * In RRAS, the Internal interface is Up but has a 169.*.*.* self-assigned address.  After restarting RRAS, it correctly has a 10.0.*.* address.

    It looks as though RRAS tries to reserve addresses and can't, then falls back to a 169.*.*.* IP.  Others have suggested changing the boot order of the services (to make sure DHCP starts up first - how do I do this?), checking if a rogue DHCP server is interfering (none as far as I can see), and if the DHCP server is trusted (it is Active Dir authorised).

    Any suggestions?
    LVL 51

    Accepted Solution

    You should use the RRAS service to put in a dependency on DHCP service.

    In Services.msc is where you can modify the RRAS service dependencies.  You may need to look at the DHCP server service to find the service name to add as the dependency.

    LVL 1

    Author Closing Comment

    Thanks for the help - there doesn't appear to be a way to add dependencies via services.msc but I found the microsoft documentation on adding dependencies via the registry which worked.
    LVL 1

    Author Comment

    I was able to add a dependency by following the microsoft instructions available here:


    Backup and open the registry
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Service name>
    Add a key of type REG_MULTI_SZ named DependOnService (if it doesn't exist already)
    Add the service dependcies, ONE per line

    Note: To wait for the DHCP server, add "DHCPServer" not "DHCP" (this is the client)

    Changes seem to be instantly reflected in services.msc
    LVL 51

    Expert Comment

    Perfect!  Nice work.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
    You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now