VPN - Static IP Address

  • Thread starter Thread starter Arlis Brown
  • Start date Start date
A

Arlis Brown

The problem I'm attemping to address is associated with
Q317025 "... Cannot connect to the Internet after you
connect to a VPN server". The root of the problem lies in
how a default gateway address is allocated to a VPN
client. If you disable the use of "the default gateway
on the remote network", you can surf the Internet via
your local ISP while the VPN session is active. However,
in order to access the resources on your internal
corporate Intranet, you need to add static routes. This
is all fine and dandy, however, the static routes are
based on the IP address allocated to the VPN connection
by DHCP or a static pool on the VPN server. Herein lies
the problem... the IP address allocated is different
every time a VPN connection is made.

I currently have a W2K VPN server setup to relay DHCP
requests but also noted you can setup static IP address
pools. Under both configurations, I have tried without
success to figure out how it is possible to "reserve" an
IP address for a particular VPN client.

Does anybody know how to address this issue?

Thank you in advance for any input on this issue!

Arlis Brown, Network Manager
Eye Associates of NM, Ltd.
 
-----Original Message-----
Using DHCP, you can configure static routes that get pushed to the client.
These routes will simply say to reach this network, go through this
interface. The client does not require a static address whatsoever.

However, if you wish to have a client always get a static address, you can
specify the address in the TCP/IP properties of the connection. ( make sure
you exclude it from DHCP ) Using this though bypasses DHCP altogether.

--
--
Dusty Harper
Microsoft Corporation
--------------------------------------------------------- -------------------
This posting is provided "AS IS", with NO warranties and confers NO rights
--------------------------------------------------------- -------------------
Click to expand...
Hmmmm, I tried to do this and I got an error on the
client when connecting.

Is there something you have to set on the RRAS Server to
allow the client to choose their own IP?
 
Dusty,

Thanks for the reply! I just checked out the DHCP Scope
Option (033) that provides the capability to push static
routes to the client. I will definitely have to play
with this to determine how it will work with a VPN client.

Regarding the configuration of a VPN Client with a static
IP address, my VPN Server is currently configured to
assign IP address via DHCP. If I configure a VPN client
with an IP address outside the range of the DHCP subnet
scope, an error appears on the client indicating the
address is invalid when a VPN connection is attempted.

From the perspective of the VPN Server, you can only
specify assignment of IP addresses via DHCP or a static
pool. I searched, but could not find any Server
parameters to accept a static IP address on the client.
Would this be in the "remote access policy"? I also have
a IAS Radius server and have configured my VPN Server to
reference this box for client authentication.

If possible, I would like to achieve a configuration
which accomodates VPN clients with either DHCP or static
IP address.

Arlis
 
Back
Top