I followed these instructions on www.hottonetworking.com to set up VPN on a clean install of Windows Server 2008 SP2 (not R2 yet).
When I then establish a VPN connection to that machine from a client machine (running Windows 7 RC), everything succeeds (it seems since I get a 'Connected' state in the network sharing center window), but I end up with a subnet mask (according to ipconfig /all) of 255.255.255.255 instead of 255.255.255.0. The net effect is that I don't have local network or internet capability.
What additional configuration steps do I have to do to get VPN with the proper subnet mask working?
Update: Using the steps outlined in the Technet article mentioned by Mr. Nimble, I was able to get internet connection. Apparently the subnet mask is not an issue as my coworker was able to connect using his VPN connection and ping the server machine by name as well.
I've done some testing with the VPN connections on my laptop, and all of them work and are assigned the 255.255.255.255 subnet mask, so I beleive this is the normal and expected setting. As such, this is most likely not the cause of your connectivity issues.
If you are able to access the internet via the VPN connection, then obviously the VPN connection is working and passing traffic correctly. I suspect your issue lies with DNS/name resolution with respect to your intranet.
A simple test would be to try pinging or browsing to the server via IP address - if this works, then you issue is DNS related. The next step would be to ping the fully qualified domain name of the server (instead of 'server', ping 'server.domainname.local', using the correct values for your network of course).
If both those work, then what you'll need to do is set the DNS suffix in your VPN connection properties.
To do this:
- Goto the properties page for the VPN connection in question (on your client PC)
- Click on the networking tab
- Select IPv4 and click the properties button
- Click the Advanced button
- Click the DNS Tab
- On the DNS settings tab, enter your intranet's DNS suffix (the 'domainname.local' from above that matches your network).
Save all those settings, then reconnect to the VPN and trying pinging your server using the short DNS name now - it should hopefully work.
You can configure Routing and Remote Access to either give certain IP, NetMask, and Router information, or you can let it redirect to the DHCP server.
Look at this Technet Article go to the section called "Configure VPN1 to be a VPN server" which is about half way down.
Also make sure the interface (or interfaces) you are using are fully configured for TCP/IP v4 with IPs, Subnet Mask, and a Gateway.
Also see this section on the DHCP relay agent.
I have had this issue many times before with the RAS server obtaining wrong subnet for my VPN network. Trying manual IP ranges in RAS also did not work. Still gave different subnet config. The issue is with the DHCP server and not the RAS server configuration.
This is the solution that I found that works:
1) Remove the DHCP scope that is currently set up for your RAS config, 2) Restart DHCP server ( I stop myself, then start ), 3) Add a new scope with required IP settings for your setup. 4) Voila! :-)
I have only got this working with my set up using Windows Server 2016 DataCentre. If this works for you also using a different version, let me know.
I have had this problem many times but when I have been fiddling with network adapters. So maybe DHCP server config is affected and causes wrong subnet addresses. I was receiving subnet of '255.255.255.255' so VPN was connecting but shares and network access was not available.
Hope this helps someone!