Your terminology "...see anything on the LAN..." is imprecise. What do you mean by "see"? Do you mean that you couldn't PING or make TCP connections to hosts on the LAN? Do you mean that some "Network Places" or such functioinality didn't work?
What you're trying to do will work fine. You're probably not getting NetBIOS name resolution across the VPN because you're probably not using a WINS Server on the LAN. That would be my "psychic powers" guess as to why you're having problems.
Installing RRAS on a domain controller makes it multi-homed. It will work but Microsoft doesn't recommend it. You should think about preventing the RRAS adapter from registering in DNS and WINS.
Edit:
I don't think there's anything "contrived" about my answer. I'm trying to help based on your imprecise description of your problems (using the term "see" nstead of saying exactly what is failing when you're connected) and my experience with these types of problems. Your vague statement about using RADIUS gave me some feeling that you weren't a professional sysadmin (later validated by your comment re: your job) and that you were probably trying to use some graphical tool or application to access resources on the LAN but hadn't performed the basic troubleshooting steps of verifying layer 3 communication, name resolution, etc.
I've setup RRAS servers on domain controllers on LANs that are connected to the Internet behind NAT firewalls. I connect to them several times a week. What you're trying to do works fine.
Are you allowing the RRAS server to assign IP addresses to clients from DHCP, or have you specified an address range? If you've specified an address range is it a range that is within the LAN subnet, or is it a different subnet? Is the IP being assigned to the client when "connected" what you'd expect to see?
It's still unclear to me what you've tried doing once "connected" that makes you think you can't "see" the LAN. Can you PING the RRAS server's IP address? Can you make TCP connections to services hosted by the RRAS server or other servers on the LAN by IP address? Are you getting DNS resolution?
Finally, I did not suggest that moving RRAS to another server would make anything work. I suggested that Microosft doesn't recommend multi-homed domain controllers. RRAS will run fine on a domain controller, provided you understand the ramifications therewith.
Edit 2:
With the RRAS server setup to assign IP addresses from DHCP you're seeing a good LAN IP address being assigned to the client, then?
Assuming you are, and you can't PING the RRAS server's LAN IP address from the client, it's time to start sniffing traffic. I'd sniff on the RRAS server and on the client to see that the PING request is properly routing out the VPN connection (as an encrypted GRE payload-- presumably you're using PPTP). If sniffing is inconvenient you can watch the bytes transferred via the "Status" dialog for the connected client in the "Remote Access Clients" node in the "Routing and Remote Access" management console snap-in. I'd sniff, though-- there's no substitute for seeing the data on the wire.
The client's routing table looks like you'd expect after connection, too, I'd assume. By default, the Microsoft VPN client assigns your default gateway to the remote network (the "Use default gateway on remote network" checkbox in the "Advanced" TCP/IP properties for the VPN connection). If you turn that off, instead of seeing your default gateway change you'll see an entry for the remote network with a gateway of the IP address assigned to the client's VPN adapter. You don't mention what the client OS is, but the behaviour of the Microsoft VPN client changed slightly in Windows 7 (allowing you to disable the silly "classful" route addition behaviour explicitly).
It probably goes w/o asking, but the VPN server's LAN IP subnet and the LAN subnet where the client is connected are using different address ranges, aren't they?
Best Answer
Couldn't comment due to low rep.
What kind of FTP server is it? Since I usually run Linux FTP servers, I would put the FTP server on a vLAN (on a different subnet). You could configure the VPN machines to connect to that subnet instead of the main subnet for the rest of the network by making the VPN Server a member of the vLAN network (with a virtual adapter). That would work well especially if the VPN machines connect to the internet through their own local networks instead of through the VPN tunnel (force tunnelling off). It really depends on your configuration though. My suggestion would be especially easy to implement if the FTP server is running as a virtual machine (then you just make it's adapter internal, and VPNs would connect through a bridge on the VPN server). Just some ideas. What is the exact setup you are using for your FTP and VPN servers? You said you are running FTP as a server role, so maybe you could consider setting it up as an Hyper-V client instead? I'm not a networking expert though, more familiar with VM setups where are the server components are kept discrete from each other (makes management easier IMHO).