I've been digging into new SSL Profile feature, which I'm very impressed with and cannot wait to utilize, however, I have a few questions.
Ultimately, I'd really like to be able to control and track Any VPN, however, mostly SSL VPN Users, such that each user would always receive a Static IP Address. These VPN Connections are reported and logged (Web Protection, Network Usage, etc) and an IP Address like 10.242.2.6 is very vague, especially when it could be calculating multiple connections, users or hosts, at different times of the day of course.
After realizing that each SSL Profile will still use the same VPN Pool, I looked under User Definition, and found an option called "Use static remote access IP". Unfortunately, my excitement wore off quickly after I read the Help that stated: "The static remote access IP can only be used for remote access through PPTP, L2TP, and IPsec. It cannot be used, however, for remote access through SSL." OpenVPN does in fact have a feature utilizing ifconfig-push to assign a Static IP to a specific OpenVPN User, so this *could* become a possibility moving forward. (I understand it may become problematic if multiple concurrent connections is enabled, in which case I may need a separate user per host).
With that said, an end goal of mine would be able to assign a Static IP to a User or Host, such that my phone, laptop, and so on would receive the same Static IP it receives when it is on the Local Network, simulating that the device essentially never left. Tracking Host Usage accurately is really important for me, and that includes VPN Traffic.
Any thoughts, advice, or chalk it up as a feature request, I'm all ears.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
