Client-side routes with NPAS/RRAS

[MikeHiow]

I've hit a bit of a stone wall on this one.

Our network spans several /24s with VPN users requiring access to several of them.

I have managed to set static routes under RRAS on 2008r2 which work perfectly when the client is set to use the remote gateway, but many users chose not to have this option, and rightly so.

Is there any way to apply client-side routes without having to resort to third party VPN solutions?

 

[sidethink]

You can define static routes in the routing table of each client PC, but managing this would be messy and unwieldy.

In most scenarios, end users should be forced to use the VPN as default gateway to avoid split tunneling. The VPN infrastructure should then be capable of dealing with all their routing requirements.

There are plenty of scenarios where this isnt very practical but one you split tunneling and allow users to decide whats going on, you run into manageability headaches.

 

[MikeHiow]

Forcing users to use the VPN as the default gateway is not an acceptable option.

After doing some research, the closest thing that may do what I need is classless routes with DHCP.

My issue is that I cannot for the life of me figure out how to have a separate and dedicated DHCP scope just for RRAS (it's currently setup as a static pool).