Windows 7 VPN problems
I have a windows 2003 R2 server running a PPTP VPN that supports MS CHAP V2. All non-windows 7 clients connect successfully and are able to access both domain local resources such as file server and public websites e.g bbc.co.uk Windows 7 machines connect successfully to the VPN. They are assigned a Ip within the range of 169.254.x.x. I can access local resources e.g file servers. only via Start run \\fileservername. If I use the fully qualified domain name e.g \\fileserver.domainname.com this fails. I can preform a nslookup and resolve the hostname to a IP number successfully. Trying to access the server via it's IP also works. I am unable to access public websites such as the bbc website. If I try and ping the default gateway IP I get a response. If I ping local servers via their IPs this works If I ping local servers via their fully qualified hostnames this fails. e.g ping fileserver.domainname.com nslookup works for any hostname If I try to ping say the BBC website this fails. If I try to ping -4 any host name (force it to use IPv4) this works. Looks like their is some sort of issue with DNS and/or IPv6? I've disabled IPV6 on the Clients VPN, the client still connects successfully but the problem persists. Any idea how I can resolve this issue?
March 10th, 2010 2:46pm

The 169... addresses that you say are assigned, have you assigned them yourself, or are they auto assigned? It strikes me that if these are autoassigned you are not in contact with a dhcp server that gives you the address of a dns server to use. If so you should check if the dhcp relay is set up correctly in routing and remote access.
Free Windows Admin Tool Kit Click here and download it now
March 10th, 2010 5:08pm

The 169 numbers are assigned by the VPN server. So I have set in routing and remote access > Properties > IP, "IP address assignment, the server can assign IP address by using DHCP". So the VPN is setup to give out private IPs and does NAT. All the computers that connect to the VPN get a IP in this range, the non-windows 7 computers e.g XP don't seem to have the same connectivity problem. The one difference in the IP settings between the clients is that the Default gate way on windows 7 computers is set to 0.0.0.0. As far as I can tell from google this is the correct default behaviour for windows 7 clients connecting to a VPN.
March 10th, 2010 5:24pm

Regarding this, please try the following method on the Windows 7 client: You may be unable to access the network when name resolution is performed through a VPN connection on a Windows XP-based or on a Windows Server 2003-based client computer Hope this helps. Thanks. Nicholas Li - MSFT
Free Windows Admin Tool Kit Click here and download it now
March 12th, 2010 6:28am

I don't know if it's relevant to your case, but 169 addresses should not be assigned using dhcp as they are reserved for automatic addressing. Any standard computer with a nic, but with no connection to a dhcp server, will get an address in the 169 range.Addresses that are reserved for private use are:10.0.0.0 - 10.255.255.255172.16.0.0 - 172.31.255.255192.168.0.0 - 192.168.255.255Maybe Windows 7 sees a 169 address and assumes there is no dhcp available? Just a guess... When you use netbios name instead of fqdn the request is broadcasted on the network, which means you don't rely on a dns server.
March 14th, 2010 3:26am

Not really. The 169.254.x.x/16 addresses are APIPA addresses. http://www.petri.co.il/whats_apipa.htm They are assigned by the OS itself if the machine is set to get its network config from DHCP but no DHCP server can be found. This system allows a simple network to function without a DHCP server. APIPA addresses are not routable (as no default gateway is configured). To get back to the original problem. If a RRAS VPN server cannot get any addresses from DHCP to use as its address pool, configure a static address pool in RRAS. Bill
Free Windows Admin Tool Kit Click here and download it now
March 14th, 2010 5:17am

For Windows 7 and Vista Install the VPN client in administrator account. Then on desktop icon of vpn client right click->properties-> Competiblity-> Windows XP SP3 and Run as administrative privileges. Yo will find successful logon to VPN
June 7th, 2011 6:14am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics