Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
VPN Client can`t obtain DHCPinfo
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
VPN Client can`t obtain DHCPinfo - 24.Aug.2004 6:57:00 AM
|
|
|
zjzxj
Posts: 8
Joined: 16.Mar.2003
Status: offline
|
I`m using DHCP for the VPN client addresses,
VPN client can obtain ip addresses but can not obtain DHCPinfo(DNS server,Wins Server,etc.)
My DHCP Server and ISA Server in same box.
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 11:48:00 AM
|
|
|
andrew.toon
Posts: 26
Joined: 22.Jul.2004
Status: offline
|
You could try adding the following rules, to allow DHCP Request/Reply through. You probably already have one for the request as you are getting an IP address, so you may just need to do the reply.
Rule 1 -
Name : VPN DHCP Reply
Action : Allow
Protocols : DHCP (reply)
From : ISA Server
To: VPN Clients
Users : All Users
Note the From server would be the server that hosts the DHCP, in your case this is the ISA Server. If it was a different server you would need to add a DHCP relay agent, through RRAS.
Rule 2 -
Name : VPN DHCP Request
Action : Allow
Protocols : DHCP (request)
From : VPN Clients
To: Local Host
Users : All Users
Andrew
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 12:12:00 PM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hey guys,
The VPN clients will pull this information from an interface on the ISA firewall, or you can configure custom IPCP settings.
If you want to use DHCP options configured on the DHCP server, you need to configure a DHCP relay agent on the ISA firewall.
HTH,
Tom
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 1:07:00 PM
|
|
|
zjzxj
Posts: 8
Joined: 16.Mar.2003
Status: offline
|
quote:
Originally posted by tshinder:
Hey guys,
The VPN clients will pull this information from an interface on the ISA firewall, or you can configure custom IPCP settings.
If you want to use DHCP options configured on the DHCP server, you need to configure a DHCP relay agent on the ISA firewall.
HTH,
Tom
My DHCP server and Isa Firewall in same box
must have a dhcp relay?
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 3:07:00 PM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Z,
Good question. I haven't tested the co-lo ISA firewall/DHCP server and DHCP relay, but I suspect its still required.
HTH,
Tom
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 4:10:00 PM
|
|
|
zjzxj
Posts: 8
Joined: 16.Mar.2003
Status: offline
|
Tom,Please Test it
I can not solve this problem!
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 4:18:00 PM
|
|
|
zjzxj
Posts: 8
Joined: 16.Mar.2003
Status: offline
|
Tom,Please Test it
I can not solve this problem!
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 24.Aug.2004 6:51:00 PM
|
|
|
andrew.toon
Posts: 26
Joined: 22.Jul.2004
Status: offline
|
Hi zjzxj,
This would be quite simple to test. Just create a DHCP relay agent using RRAS on the ISA Server. To set this up do the following (Note this is taken from the VPN Deployment Kit) -
1. Click Start, point to Programs, point to Administrative Tools and click on Routing and Remote Access.
2. In the Routing and Remote Access console, expand the IP Routing node in the left pane of the console and right click on General. Click on New Routing Protocol.
3. In the New Routing Protocol dialog box, click on DHCP Relay Agent and click OK.
4. A new node, DHCP Relay Agent, appears in the left pane of the Routing and Remote Access console. Right click on the DHCP Relay Agent node and click Properties
5. In the DHCP Relay Agent Properties dialog box, type in the IP address of the DHCP server in the Server address text box, and click Add. Click Apply and OK.
6. Right click on the DHCP Relay Agent node in the left pane of the console and click the New Interface command.
7. Select the Internal interface (this is an internal interface used by the Routing and Remote Access Service; itĘs not the LAN (internal) interface of the ISA Server firewall/VPN server). Click OK.
8. Accept the default settings in the DHCP Relay Properties ū Internet Properties dialog box and click OK.
Also make sure that in the system policy you've enabled DHCP.
I also couldn't get it to work unless I added the two rules shown above.
Andrew
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 26.Aug.2004 3:20:00 AM
|
|
|
zjzxj
Posts: 8
Joined: 16.Mar.2003
Status: offline
|
Hi Andrew Toon
I do it follow you,but nothing changed!
|
|
|
|
|
RE: VPN Client can`t obtain DHCPinfo - 26.Aug.2004 9:58:00 AM
|
|
|
andrew.toon
Posts: 26
Joined: 22.Jul.2004
Status: offline
|
You may need to look into the logs and see what is happening. Try doing a filter on DHCP (reply) and then DHCP (request) to see if anything is being denied. This is how I worked out that I needed the two rules mentioned previously.
Andrew
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
