This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSEC - Virtual IP Pool

Until now, I have used VPN SSL. It assigns VPN Pool (SSL) ip address. In IPSEC mode I have noticed that Astaro assigns private ip address of remote PC, instead of VPN Pool (IPSec). It is true that, while in VPN SSL properties you can define "virtual IP Pool", in IPSEC you cannot. But... why there is a network definition for IPSEC VPN?

Thank you
eclipse79

This thread was automatically locked due to age.

0 m.liewerenz over 15 years ago

i got the them problem. in my case, my clients receive an ip adress like 192.168.254.x. the point is, there is no pool which includes that range. the predefined pool for ipsec vpn includes a range like 10.242.4.x.

i know, when you wanna use ipsec with secure client, you have to set a static ip adress in the user object. but in some case it happends that the user doesnt receive the static ip, and i have to set it in the secure client. after that it works.
but it is horrible when you have a lot of remote users!!!!

are there some solutions? mybe another authentication type???
Cancel
Vote Up 0 Vote Down

Cancel
0 d12fk over 15 years ago

Indeed the IPsec pool is not used for normal remote access, yet. It is used in "CA DN match" style connections to express the acceptable subnet range clients can connect from.

Somehow many users assume the existence of an IPsec pool object automatically translates into pools being used for IPsec remote access connections. This unfortunately is not yet the case. Wait for the V8 beta (which will be released during the next months), it will contain full support for IPsec IP pools as seen with other remote access methods in ASG.

If you want to assign IPs to you IPsec users in V7 the only solution is to use x509 authentication and assign the user a static RAS address (edit the user configuration).
Cancel
Vote Up 0 Vote Down

Cancel