Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


vpn ip range on sbs2011

Posted on 2012-03-17
Medium Priority
Last Modified: 2012-03-17
When I connect to our VPN server managed by our SBS2011 server, the IP address I get is in the range of 169.254.128.x. Our lan IP range is 192.168.0.x. Shouldn't the VPN ip address I get be in the same range as the local lan ? Access to to shares on the server itself from the vpn pc works fine, but I cannot ping any device on our local lan ip (192.168.0.x). Should the VPN wizard on the server reconfigure the proper ip settings, or use different method ?

This started happening after a major problem caused by Eset's uninstaller utility on the server. The normal uninstall did not work, so had to use their utility to cleanup the remainings of Eset. But after running it and rebooting the server, The uninstaller had reset all network cards, set to dhcp, etc etc. So AD was not working anymore, nwk cards were disabled, could not connect to the server anymore, quite a nightmare. Long story short, after putting back the ip address and network settings on the card, the server was finally functionnal and pc's could access it normally, with Exchange services, RWA, etc. The VPN seems to be the last item to fix back.

Question by:ndidomenico
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 77

Accepted Solution

Rob Williams earned 2000 total points
ID: 37732777
I would run the fix my network wizard located in the SBS management console under network | connectivity, then re-run the VPN wizard which will recreate the VPN using the SBS's own DHCP server for handing out IP's to VPN clients.

Though the above method is the correct method for SBS, if you are unsuccessful you can set a DHCP range, a static address pool, for VPN clients by opening the RRAS console, right click on the server name and choose properties, and select static address pool under the IPv4 tab.

For the record 168.254.x.x  will work, but it will only allow you to connect to the SBS itself unless you maually add static routes to VPN client machines and the machines to which they are connecting.

Author Comment

ID: 37732878
Thanks Robwill. Ran the fix my network, which found 3 problems that it was able to fix successfully (1:no static ip for ipv6, 2:dns server not listening to ip address of primary nwk card, 3: time service is not enabled). Then ran the vpn wizard. Now can connect vpn and I get a proper ip address in the same range as the local lan. Can ping devices on the network, can browse shares on the server. Great !

The only problem that remains is that name resolution does not work , except for the server name itself (which I am able to browse shared folders on it using its name and not having to use it's ip address). IE: I can vnc to a pc using the ip address but ping or vnc using the pc name will not work. Note: I did not enter anything in the vpn properties for DNS and Wins IP addresses.
Any idea ?
LVL 77

Expert Comment

by:Rob Williams
ID: 37732894
With SBS 2003 the VPN wizard created a deploayble package that contained the DNS IP and DNS suffix to allow for name resolution.  Unfortunately SBS 2008/2011 does not have this. However it is easy to manaulay add. See the following link (my Blog):

If you have multiple clients and you want to create an deplyable client that is preconfigured for your network, has the neccessary name resolution changes, and is slightly more secure, see:

Author Comment

ID: 37732930
Thank you so much Robwill. The DNS setting with the suffix worked perfectly ! I think everything is back to normal, thanks to your help !
LVL 77

Expert Comment

by:Rob Williams
ID: 37733064
Very welcome. Glad to hear you were able to resolve.

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question