This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[ASG 7.301] Remote Access / SSL and static IPs?

Hello,

right now, we're still using PPTP-VPN with local users on an ASG v7.301, with static IP-addresses assigned.
I've tested with a remote user (eDir-backend), using SSL-VPN. It seems like the static IP which is assigned to this user (in ASG user-settings) is ignored, and I get a dynamic IP from the "Pool Network".

Did I do something wrong, or is it not possible to assign a fixed IP-address to a SSL-VPN-user?

This thread was automatically locked due to age.

0 BAlfson over 17 years ago

According to the instructions (my bold):
Note – The static remote access IP can only be used for remote access through PPTP, L2TP, and IPSec. It cannot be used, however, for remote access through SSL.

If you need a fixed internal-IP for a particular service, you might try SNAT-ing the traffic that comes in from the SSL-VPN Pool. At one client, we solved a similar problem with SNAT and additional addresses on the Internal interface.

We always try to get our clients to use L2TP over IPSec; our choice for best security, reliability and flexibility with Astaro.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 ScottL over 17 years ago in reply to BAlfson

According to the instructions (my bold):
We always try to get our clients to use L2TP over IPSec; our choice for best security, reliability and flexibility with Astaro.
Cheers - Bob

Can you elaborate on the last two(Reliablity/Flexibility)? I don't understand how it can be more reliable and flexible than the astaro SSL vpn client for road warriors.

Thanks!
-Scott
Cancel
Vote Up 0 Vote Down

Cancel