VPN Server(RRAS) only works with clinet from the same subnet, Erro

Hello everyone,
Need help from experienced admins.

Scenario #1,
Windows 2003 VPN Server (RRAS), external NIC connects directly to internet
for testing purpose. No firewall, no router etc for this connection. Internal
NIC connects to Windows 2003 domain. Get error 721 on internet client side.
telnet vpn-server-ip 1723 works fine. By running ethereal on vpn server, I
can see there are several PPTP requests coming in. But VPN server logs
nothing (is set to logging all events).

Scenario #2,
Shutdown VPN service. Then I run pptpsrv on server side and pptpclnt on
client side, there is no problem. Following is output on server side,
Start >>>>>>>>>>>>>>>>>>>>>>
Now you must run pptpclnt.exe on remote machine
Waiting for inbound connection on TCP port 1723...
Inbound connection from client has completed successfully!
Data received from client:
---> abc
Sending the message 'Reply from server' to the client
=====================================================
Connectivity test to TCP Port 1723 was successful!!!
Closing down socket...
=====================================================
Created socket for GRE protocol test
Listening on PROTOCOL 47 for incoming GRE packets...
<<<<<<<<<<<<<<<<<<<<<<< End

And this is output on client side,
Start>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Initializing WinSock...
Obtaining host information...
Successfully resolved server's host information
======================================
Enter data to send to server (between 1 and 255 chrs.), then hit enter:
-->abc
Successfully connected to server using TCP port 1723 (PPTP)
Sending data to server

Waiting for a reply to the data which was just sent...
Received a reply. Reply contains the following text:
---> Hello, there! This is a reply from the server.
=================================
Connectivity test to TCP Port 1723 was successful!!!
Closing down socket...
=================================

Creating a socket to test GRE protocol traffic...
Total GRE packets sent = 1
Total GRE packets sent = 2
Total GRE packets sent = 3
Total GRE packets sent = 4
Total GRE packets sent = 5
=====================================
Check server to see if the GRE packets were received successfully
=====================================
Closing down socket
Goodbye!
<<<<<<<<<<<<<<<<<<<<<<<<<<< End

Scenario #3,
No change on 2003 VPN server, just plug out the network cable of external
connection from T1, and plug it into a hub, connect another Windows XP box to
the same hub, change XP’s IP so that it’s in the same subnet as VPN server’s
external network. VPN client works fine.

Scenario #4,
Take what we have in Scenario #3, just change IP of XP VPN client, so that
it isn’t in the same subnet of VPN server. Get error 721, same as Scenario #1.

Is VPN server dropping requests coming from outside subnet. How to config it.
Thanks in advance

 

Sorry. Please ignore the last scenario, there is no error 721 there. Hub
won't route request at all. I got server can not be reached.
Jeff