Unable to ping vpn client on RRAS VPN server 2008 R2

Hi all spice heads,

I have recently setup RRAS on our Windows Server 2008 R2 with one NIC. This setup allow users VPN and also NAT with public interface enable.

VPN connection works no problem and VPN clients able to access Internet. However none of the PCs on the internal network can ping to the VPN clients, but the VPN clients can ping and receive response to any of the PCs on the network.

192.255.20.212 is the dial in interface

192.255.20.1 is the ip address of the server

VPN clients obtain their IPs via DHCP server.

Here is the ipconfig /all result

Windows IP Configuration

Host Name . . . . . . . . . . . . : minch
Primary Dns Suffix . . . . . . . : xxxxx.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxxxx.local

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client) #2
Physical Address. . . . . . . . . : 00-1E-C9-F4-D5-3D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : xxxxx.local
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-1E-C9-F4-D5-3B
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.255.20.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.255.20.252
DNS Servers . . . . . . . . . . . : 192.255.20.2
192.255.20.1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter RAS (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.255.20.212(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{4680632D-7043-40DB-95E6-5F0198E73696}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : xxxxx.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : xxxxx.local
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:c0ff:1401::c0ff:1401(Preferred)
IPv6 Address. . . . . . . . . . . : 2002:c0ff:14d4::c0ff:14d4(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.255.20.2
192.255.20.1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{684FD2B7-6D1A-4C65-BE4D-B64FF880F06A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

And this is the route print result

C:\Users\administrator.PACEFARM>route print
===========================================================================
Interface List
13...00 1e c9 f4 d5 3d ......Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clie
nt) #2
10...00 1e c9 f4 d5 3b ......Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clie
nt)
24...........................RAS (Dial In) Interface
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.255.20.252 192.255.20.1 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.255.20.0 255.255.255.0 On-link 192.255.20.1 266
192.255.20.1 255.255.255.255 On-link 192.255.20.1 266
192.255.20.203 255.255.255.255 192.255.20.203 192.255.20.212 21
192.255.20.204 255.255.255.255 192.255.20.204 192.255.20.212 21
192.255.20.209 255.255.255.255 192.255.20.209 192.255.20.212 21
192.255.20.212 255.255.255.255 On-link 192.255.20.212 276
192.255.20.255 255.255.255.255 On-link 192.255.20.1 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.255.20.1 266
224.0.0.0 240.0.0.0 On-link 192.255.20.212 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.255.20.1 266
255.255.255.255 255.255.255.255 On-link 192.255.20.212 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.255.20.252 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 1010 2002::/16 On-link
12 266 2002:c0ff:1401::c0ff:1401/128
On-link
12 266 2002:c0ff:14d4::c0ff:14d4/128
On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

Am I on the right track or any suggestion.

I need to be able to ping the VPN clients when they are connected so I can VNC to their machine for support.

Thanks in advance guys