REMOTE ACCESS VPN on different network and domain

Hi,

I have to make a VPN connection from network 172.16.1.0/24 to network 192.168.1.0/24. I get the error: the remote "modem is not set up correctly or is already in use" whenever I try to establish connection.

We are learning about windows server 2016 and so far we have done DHCP, DNS and AD in GNS3. 

We had to install RRAS/Network Policy server for the VPN in one of the server. I have googled for the setups then it gets more confusing. I will try to be as clear as possible and number my questions.

1- Teacher told us that .local domain are not able to make VPN connection and therefore we have to make new forward lookup zone in DNS with domain like .be. He did not explain why ? And within that we had to make new A host and here I was not sure which network IP address to give it and how does it have anything to do with VPN client. There is this side not that says " The RRAS are there to let remote clients contact the server sites with vpn.mobyus.be as hostname".

2- For the network 172.16.1.0/24 we made the edge router as DHCP provider. Client on that network got the address from the pool and I was able to ping the server in network 192.168.1.0/24. I gave the dns server name of network 192.168.1.0 /24 for the network 172.16.1.0/24 and  was not sure if that works. The client on network 172.16.1.0 does not appear in DNS or AD.

3- The layer 3 connection are ok as I can ping all the nodes in different network. I have used ospf for routing. I think there is something to do with DNS and domain.

4- We made new policy in NPS to allow domain admin to make VPN connection with PAP. I used administrator@mobyus.local and the password for the domain. I even tried .be but does not help.

5- Is it more easier to setup VPN in local network?

6- We have to capture trace with wireshark and use filter tcp.port==1723 or ip.port==47. When I do netstat-a in client I don get tcp.pot==1723. Is it only in server?

I will be working on and try to find out more. Further more we have to make connection with EAP.

I would be very grateful and appreciate any help.

Thank you for your time.