Problems with VPN - 169.254.X.X APIPA address

Jul 19, 2010 - by Ian Hasell

Today we hit a problem that we'd never seen before. Clients were connecting up a VPN to the server in the office and all appeared to connect up - username and password authenticated and client connects. But the users could not access any of the shares. Upon closer inspection and an ipconfig, it was clear that the VPN server was not assigning correct IPs to the clients. The clients instead had 169.254.X.X APIPA addresses and therefore could not talk to the network.

So here's a quick fix that seems to work:

Allocate a gap in the DHCP scope which will be dedicated to VPN clients. Then set Routing and Remote Access to use the allocated range of IPs. Here's how:
1. Open Routing and Remote Access MMC
2. Right click on the server  and select Properties
3. In the Server Properties page, select the IP tab
4. Instead of using DHCP, select Static Address Pool, then define the addresses which you've excluded from the DHCP server.

Hopefully this will help somebody else out there!