Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 6401 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to have dhcp reservation on remote access

lester
Hello,

Where can i configure an DHCP IP reservation for remote access SLL VPN ?

I want to have when i etablish ssl VPN, always the same IP in my ip class SSL VPN


Thanks for your answer


This thread was automatically locked due to age.
Parents
  • 0
    There is a setting for this in 'Definitions >> Users', but it's not available for SSL VPN.
    The static remote access IP can only be used for remote access through PPTP, L2TP, and IPSec. It cannot be used, however, for remote access through SSL.

    What problem are you trying to solve?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    i'm trying to have always the same ip when i'm connecting with ssl vpn because for managing router,switch and other i need a static ip.
  • 0 in reply to lester
    Why not enable the L2TP over IPSec for that purpose?  It's very straightforward in the Astaro and easy to set up with the standard Windows VPN client.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    not possible because the ports are frequently closed on buisiness hotel, hotspot .....
    that's why i use SSL [:)]
  • 0 in reply to lester
    OK, create an additional address on the internal interface, then create a SNAT:

    Source: 'lester (User Network)'
    Service: 'Any'
    Destination: 'Internal (Network)'

    Source: [the additional address created above]
    Service: - leave this blank -

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    ok,
    i try tomorrow
    Thank
  • 0 in reply to lester
    Hi Bob,

    I just tried this for one user.
    but on logging in I always get a different address as it was before.
    Am I something missing?
    What kind of Address should be created? with mask 255.255.255.255
    and the address should be from which address pool? SSLVPN or internal net?

    Source: 'lester (User Network)'
    Service: 'Any'
    Destination: 'Internal (Network)'

    Source: [10.46.40.242/32] 
    Service: - leave this blank -
    automatic Packet Filter:  yes
  • 0 in reply to stevecharon
    I've only used this trick in the past when there were identical subnets on both sides of a VPN; for example, 192.168.1.0/24.  In that case, I added 192.168.0.1 as an additional address on the Astaro internal interface with a subnet of 192.168.0.0/23.

    In this case, there is no conflict, so I suppose you wouldn't need the additional address, and you could simply SNAT to 'Internal (Address)'.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to stevecharon
    I've only used this trick in the past when there were identical subnets on both sides of a VPN; for example, 192.168.1.0/24.  In that case, I added 192.168.0.1 as an additional address on the Astaro internal interface with a subnet of 192.168.0.0/23.

    In this case, there is no conflict, so I suppose you wouldn't need the additional address, and you could simply SNAT to 'Internal (Address)'.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
Cookie Information Banner