Hello, I have configured in a Cisco 1841 a small VPN concentrator, using PPTP and authenticating users in Active Directory using RADIUS.
Everything was simple and works great with the exception of one thing, distributing routes for the internal networks.
When the VPN comes up in the clients it is set by default that all traffic goes in the tunnel, not just the traffic for the internal networks, but also general traffic for the Internet. This is not what is desired, so I configured the VPN connection (in Windows clients) to ignore the default gateway inside the tunnel, but when I do that it just does not define any route to any of the internal networks, thus making them inaccessible.
I know I can then add routes manually... but that is not something I desire all users to do every time they connect.
My question is: in Windows Active Directory I configured for my user, under the Dial-in tab, the option to define static routes for this user, and added some routes for my internal networks. Why aren't they distributed to the clients? Should they be distributed? I get a little confused with this because in the Cisco I configure only the RADIUS server for authentication; I find it strange that the same server will be used to distribute other information to the clients... like routing information.
Does anyone have a road-warrior VPN scenario similar to this? How did you solve it?
PS: Under Linux I solved it because the VPN client allows me to select which routes I want to add in that connection automatically; not perfect, but it's a solution. However, under Windows I have no such option, and if possible I would prefer not to install third-party applications to solve this.
Here is the Microsoft article for your reference:
Alternatively, you can configure a batch file to configure the static routes on your PC (second last question):