Hello! I've noticed a problem with my SSTP VPN connection on Windows 7 towards Server 2008R2 (but I guess it's a Windows VPN problem in general). My home router gives me IP address 192.168.1.10-192.168.1.20. Now, my work server is configured to give an IP from 192.168.1.10-192.168.1.20(or 30). Should my internal (home IP address) be the same as my work (VPN IP address), I don't have any connectivity towards my workplace. I could either change my router, or use 192.168.5.* range on the VPN server, but that is just half the solution. My coworkers connect to our server from all over the world, and there is no way to guarantee that their current network won't use the same IP as they get from our VPN. I know it's unlikely, but possible. And I really don't think that VPN should work 99% of the time. Any help would be appreciated. Thank you for your time.

The vpn ip range should not belong to any ip range in the internal network, this as general rule. Client connecting through vpn should be routed in order to reach the internal network. This likely will not happen for mobile vpn connections, since users connect with public ip. In a branch office schenario, that restriction needs to be taken into the account of course and plan the ip ranges accordinglyVincenzo MCTS, MCTIP Server 2008 | MCTS Exchange 2010 | WatchGuard Firewall Security Professional

WWAN provider in our country uses private network IP range. Wifi in every hotel uses private network IP range. Cheap ISPs use private networks. Universities, ... and the list can go on and on :( So you're saying that there is not a solution for this?

Hi, You may use the route print command to check the route list. Then you may check which interface is used for the subnet of workplace. Also, please check the metric value. If the metric value is less than the local subnet, you cannot access the workplace. Additionally, based on my understanding, you cannot access the workplace and local network at the same time if the IP namespaces is same. Thanks.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Thank you for your answer. If I get 192.168.1.12 from RAS and the same IP from my home DHCP I have no Internet connectivity and Intranet connectivity towards my workplace. It seems that Windows doesn't like having 2 same IP addresses in the routing table. IPv4 Route Table - 192.168.1.12 home IP, 192.168.1.13 RAS IP =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 4501 0.0.0.0 0.0.0.0 On-link 192.168.1.13 21 127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531 127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531 127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 ras_server_ip 255.255.255.255 192.168.1.1 192.168.1.12 4246 192.168.1.0 255.255.255.0 On-link 192.168.1.12 4501 192.168.1.0 255.255.255.0 On-link 192.168.1.13 21 192.168.1.12 255.255.255.255 On-link 192.168.1.12 4501 192.168.1.13 255.255.255.255 On-link 192.168.1.13 276 192.168.1.255 255.255.255.255 On-link 192.168.1.12 4501 192.168.1.255 255.255.255.255 On-link 192.168.1.13 276 192.168.40.0 255.255.255.0 On-link 192.168.40.1 4501 192.168.40.1 255.255.255.255 On-link 192.168.40.1 4501 192.168.40.255 255.255.255.255 On-link 192.168.40.1 4501 192.168.43.0 255.255.255.0 On-link 192.168.43.1 4501 192.168.43.1 255.255.255.255 On-link 192.168.43.1 4501 192.168.43.255 255.255.255.255 On-link 192.168.43.1 4501 224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531 224.0.0.0 240.0.0.0 On-link 192.168.1.12 4502 224.0.0.0 240.0.0.0 On-link 192.168.40.1 4502 224.0.0.0 240.0.0.0 On-link 192.168.43.1 4502 224.0.0.0 240.0.0.0 On-link 192.168.1.13 21 255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 255.255.255.255 255.255.255.255 On-link 192.168.1.12 4501 255.255.255.255 255.255.255.255 On-link 192.168.40.1 4501 255.255.255.255 255.255.255.255 On-link 192.168.43.1 4501 255.255.255.255 255.255.255.255 On-link 192.168.1.13 276 and now the surprise: IPv4 Route Table - 192.168.1.12 home IP, 192.168.1.12 RAS IP (seems like the RAS IP didn't make it into the routing table) and it's replaced by 169.254.0.27 =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 4501 0.0.0.0 0.0.0.0 On-link 169.254.0.27 21 127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531 127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531 127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 ras_server_ip 255.255.255.255 192.168.1.1 192.168.1.12 4246 169.254.0.0 255.255.0.0 On-link 169.254.0.27 276 169.254.0.27 255.255.255.255 On-link 169.254.0.27 276 169.254.255.255 255.255.255.255 On-link 169.254.0.27 276 192.168.1.0 255.255.255.0 On-link 192.168.1.12 4501 192.168.1.12 255.255.255.255 On-link 192.168.1.12 4501 192.168.1.255 255.255.255.255 On-link 192.168.1.12 4501 192.168.40.0 255.255.255.0 On-link 192.168.40.1 4501 192.168.40.1 255.255.255.255 On-link 192.168.40.1 4501 192.168.40.255 255.255.255.255 On-link 192.168.40.1 4501 192.168.43.0 255.255.255.0 On-link 192.168.43.1 4501 192.168.43.1 255.255.255.255 On-link 192.168.43.1 4501 192.168.43.255 255.255.255.255 On-link 192.168.43.1 4501 224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531 224.0.0.0 240.0.0.0 On-link 192.168.1.12 4501 224.0.0.0 240.0.0.0 On-link 192.168.40.1 4501 224.0.0.0 240.0.0.0 On-link 192.168.43.1 4501 224.0.0.0 240.0.0.0 On-link 169.254.0.27 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531 255.255.255.255 255.255.255.255 On-link 192.168.1.12 4501 255.255.255.255 255.255.255.255 On-link 192.168.40.1 4501 255.255.255.255 255.255.255.255 On-link 192.168.43.1 4501 255.255.255.255 255.255.255.255 On-link 169.254.0.27 276 When I display VPN IP address through Status->Details->Client IPv4 address, it shows 192.168.1.12 and not 169.254.0.27. ipconfig /all shows another surprise: PPP adapter VPN: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : VPN Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Autoconfiguration IPv4 Address. . : 169.254.0.27(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : 0.0.0.0 DNS Servers . . . . . . . . . . . : 192.168.1.2 Primary WINS Server . . . . . . . : 192.168.1.2 NetBIOS over Tcpip. . . . . . . . : Enabled This leads to several conclusions: there is an inconsistency between IP address showed by the VPN GUI and the real IP addresses used by the system Windows can't live with 2 same IP addresses, one must do everything to prevent such a situation Anybody any other ideas, or should I mark this thread as answered?