However we are short on IPs on that subnet and need to put PPTP clients in their own subnet.
I did that and it works, but the clients cannot reach other subnets at the office as I cannot figure out how to push static routes into the client’s computer route table. They can only communicate with the MT pptp server. If they try to contact any other hosts, their local machine’s default route takes over and it does not send them via the tunnel.
If I manually add routes in the client’s machine or set their default route to be the VPN it all works. But this is not practical and other VPN servers do not have the same requirement. The customer says their Watchguard works fine without having the users do privileged commands from the command prompt or route all the clients Internet traffic over the tunnel.
PPTP does not deal with routes. Only Windows try to make inteligent guess and create route automatically. E.g. if your assigned address is 10.x.x.x it adds route to 10.0.0.0/8 or for 192.168.x.x it adds route to 192.168.x.0/24. Sometimes it’s enough, sometimes not.
AFAIK the only VPN able to push specific routes to clients is OpenVPN. But not the MikroTik’s implementation.
