I have setup VPNs on several firewalls and find that most cannot connect to the VPN from the LAN side. I also have setup Routing and Remote Access on different Windows severs. With that config, users could connect to the VPN from the LAN. A different way to accomplish a Guest Network that has managed access to the LAN, would be to setup an Employee Guest SSID that uses RADIUS to your server for authentication.
... View more