Windows Server 2008 R2 RRAS VPN Client Routing

routing rras vpn windows-server-2008

Our company network is 10.0.0.0/24 (not /8 as the class suggests, this wasn't my decision, and sadly can't be changed). We set up an RRAS VPN server. Windows 7 clients are advised to be set up not to use this VPN as the default gateway. So when these clients connect, they create a 10.0.0.0/8 route for the VPN, instead of /24.

I think I figured out why: in the IPv4 properties, there's this checkbox: "disable class based route addition". When unchecked, it creates a route based on the class, /8. When checked, no 10.0.0.0 route is created at all. So my question is: is it possible to specify on the RRAS server what route/netmask the client should use? I'm guessing that the client receives a netmask from the DHCP server, so this should be possible.

The above can be a simple netmask issue, so here's a more general case. Let's suppose that the company has another network, 192.168.0.0/16. Is there any way to configure the RRAS server to tell the clients to create a 192.168.0.0/16 route, in addition to 10.0.0.0/x? I know, one workaround is to use the VPN as a default gateway, and another is to run client-side batch files to do the job.

Best Answer

The general case solution is to configure your DHCP server to provide the proper routes to the client via option 121, "Classless Static Routes". The Windows 7 DHCP client will send a DHCPINFORM after connecting to the VPN and should receive the routes from the DHCP server.
