This post isn’t a regular “fix” in the sense that I point out a problem that is often overlooked or badly documented. It’s just that after spending so many hours chasing this problem, I felt compelled to share it in case it can help, even though it makes little sense.
The setup: I want to add VPN access to my corporate network, consisting of a few servers behind a Linksys/Tomato router. Most servers are Windows 2008 virtualized on VMware ESX4i servers (but that doesn’t really make any difference). The VPN server will be placed on a Windows 2008 machine that currently serves WSUS (updates) and anti-virus deployment. DNS, DHCP, domain controller, that’s all on other machines.
I followed the guides I could find on the net, but every time I would be able to log my user on to the VPN, yet not access anything (not ping any host).
Finally, I resolved this by uninstalling the role from the Server Admin page, rebooting that box, re-installing the role and re-installing the feature.
It worked right away!