Re: Not getting user specified IP address after VPN drop and reconnect

You can setup disconnection idle timeout to 1 minute. This how to may help,

How to Manage Dial-in Constraints
How to Restrict RRAS Connections
With Remote Access Policies, you have many options to restrict VPN connections...
http://www.howtonetworking.com/VPN/rrasrestrict1.htm

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"CCS" <(E-Mail Removed)> wrote in message news:4FD83208-FD73-4674-824B-(E-Mail Removed)...
Hi, I am running a Windows 2003 Server as a VPN server for multiple client
PCs to connect to. The VPN server itself is setup to assign addresses from a
pool of addresses which do not have any access to the internal LAN. Each
individual user is configured with a static IP address in the dial-up
configuration for that user, and that IP address does have access to the
internal LAN. So, when things are functioning correctly, the user connects
using their VPN client, gets assigned the IP address specified for their
user, then has access to the LAN.

The problem is, if their connection drops (an actual drop, not a user
initiated disconnect of the VPN), then tries to reconnect within the next few
minutes, they will only get assigned the non-routed address that the VPN
server assigns and not the address specified for their user. If they wait
about 4-5 minutes before reconnecting after the drop, then they are assigned
the proper address. Also, if they immediately reconnect after the drop, then
disconnect (not drop), then reconnect again, they will get assigned the
proper address.

It looks like when there is a connection drop, the server is preventing the
user specified IP address from being reused again before some timeout value
has expired. But if the user manually disconnects the VPN, it correctly
releases the IP address and they can reconnect immediately without a problem.

I am looking for a way to tune this timeout value so that on a connection
drop it will almost immediately release that user's IP address so that they
can get right back in with the correct IP address and have access to the LAN
again. I have not been able to find anything in the VPN server or user
configurations to control this, nor have I been able to find which registry
key might control this. Any help would be greatly appreciated, thank you!