JSI Tip 3365. Enabling VPN in RRAS causes connection issues to remote networks?

When you enable VPN in RRAS, packets to the 'Internet' interface are NOT forwarded. Packets are forwarded over the VPN and internal LAN connections.

The RRAS Setup Wizard lets you choose one of the following:

Internet connection server Remote access server Virtual private network (VPN) server Network router Manually configured server

When you select VPN, the interface you select is secured by implementing filters that only accept PPTP or L2TP traffic. RRAS does NOT forward traffic on this interface, unless the packets are PPTP or L2TP.

If you wish your VPN server to act as a router:

1. In the RRAS Setup wizard, Press Manually configured server.

2. After you enable RRAS, select the Enable this computer as a Router check box in the RRAS server Properties.

3. In the RRAS Manager, right-click Ports and press Properties.

4. Press WAN Miniport (PPTP) and press Configure.

5. Select the Remote access connections (inbound only) check box.

6. Press WAN Miniport (L2TP) and press Configure.

7. Select the Remote access connections (inbound only) check box.

NOTE: Failure to enable packet filtering in the 'Internet' interface opens your VPN server to attack from the Internet.

NOTE: See tip 3296 How do I increase the number of PPTP and L2TP connections beyond the maximum that the Windows 2000 RRAS snap-in allows?