vpn ip range on sbs2011

When I connect to our VPN server managed by our SBS2011 server, the IP address I get is in the range of 169.254.128.x. Our lan IP range is 192.168.0.x. Shouldn't the VPN ip address I get be in the same range as the local lan ? Access to to shares on the server itself from the vpn pc works fine, but I cannot ping any device on our local lan ip (192.168.0.x). Should the VPN wizard on the server reconfigure the proper ip settings, or use different method ?

This started happening after a major problem caused by Eset's uninstaller utility on the server. The normal uninstall did not work, so had to use their utility to cleanup the remainings of Eset. But after running it and rebooting the server, The uninstaller had reset all network cards, set to dhcp, etc etc. So AD was not working anymore, nwk cards were disabled, could not connect to the server anymore, quite a nightmare. Long story short, after putting back the ip address and network settings on the card, the server was finally functionnal and pc's could access it normally, with Exchange services, RWA, etc. The VPN seems to be the last item to fix back.

Who is Participating?
Rob WilliamsCommented:
I would run the fix my network wizard located in the SBS management console under network | connectivity, then re-run the VPN wizard which will recreate the VPN using the SBS's own DHCP server for handing out IP's to VPN clients.

Though the above method is the correct method for SBS, if you are unsuccessful you can set a DHCP range, a static address pool, for VPN clients by opening the RRAS console, right click on the server name and choose properties, and select static address pool under the IPv4 tab.

For the record 168.254.x.x  will work, but it will only allow you to connect to the SBS itself unless you maually add static routes to VPN client machines and the machines to which they are connecting.
ndidomenicoAuthor Commented:
Thanks Robwill. Ran the fix my network, which found 3 problems that it was able to fix successfully (1:no static ip for ipv6, 2:dns server not listening to ip address of primary nwk card, 3: time service is not enabled). Then ran the vpn wizard. Now can connect vpn and I get a proper ip address in the same range as the local lan. Can ping devices on the network, can browse shares on the server. Great !

The only problem that remains is that name resolution does not work , except for the server name itself (which I am able to browse shared folders on it using its name and not having to use it's ip address). IE: I can vnc to a pc using the ip address but ping or vnc using the pc name will not work. Note: I did not enter anything in the vpn properties for DNS and Wins IP addresses.
Any idea ?
Rob WilliamsCommented:
With SBS 2003 the VPN wizard created a deploayble package that contained the DNS IP and DNS suffix to allow for name resolution.  Unfortunately SBS 2008/2011 does not have this. However it is easy to manaulay add. See the following link (my Blog):

If you have multiple clients and you want to create an deplyable client that is preconfigured for your network, has the neccessary name resolution changes, and is slightly more secure, see:
ndidomenicoAuthor Commented:
Thank you so much Robwill. The DNS setting with the suffix worked perfectly ! I think everything is back to normal, thanks to your help !
Rob WilliamsCommented:
Very welcome. Glad to hear you were able to resolve.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.