Currently we have a VPN based on a Microsoft PPTP server, which is set up to respond on one of our static IP address. At the moment this works pretty well for access from outside networks.
Also, we have a second network for outside contractors which is on a separate VLAN (VLAN3) from the main corporate network (VLAN0), using the VLAN feature of our Vigor2820.
Unfortunately for some reason, users who connect to our secondary network cannot connect to our VPN, although they can ping the external IP address. Is there some setting that I'm missing, or is there a better way of doing this?
We used to use a Netscreen 5GT which allowed this set up to work, but I'd rather just use the Vigor.



(The idea is that the second network has only internet access, so that outside contractors can still check their emails without connecting to our main network. I only allow wireless access to the second network so users who want to connect over wireless can just log into the vpn to get network access, but unauthorised users can only get to the internet, this way if someone gained unauthorised access to our wireless they would still not have access to the corporate network)

Anyone?