If i'm understanding you correctly, your ip block is the same as the site you connect? This shouldn't be a problem and the authentication process is essential in order to determine what resources the you would be entitled to use. I'm not sure what VPN server your customer is using, but the most common are IPSec-enabled devices and it uses a procedure called Internet Key Exchange (IKE) to transfer security keys. While, Microsofts PPTP leverages existing user authentication technologies, such as PPPs Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). I would be more inclined to think that you don't have access rights based on policy at the customer's site.