Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
VPN Clients Using DHCP addresses
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
VPN Clients Using DHCP addresses - 3.Sep.2008 1:12:06 PM
|
|
|
stevenjwilliams83101
Posts: 20
Joined: 19.Aug.2008
Status: offline
|
I have read that by default the ISA server takes 10 DHCP addresses from the DHCP address pool. I was concerned at first because everytime I disconnected and reconnected with my VPN client, I was given a new IP address....so keep logging on and logging off and found that it will start at the beginning again after the client has made its way through. Now my question is, what happens when I have 10 users on and the 11th user tries to connect? The address pool that the ISA server reserves is capped. What happens then? Will it know to pull another IP address? I have ISA setup to allow 15 PPTP connections. Any worries here?
|
|
|
|
|
RE: VPN Clients Using DHCP addresses - 3.Sep.2008 3:30:18 PM
|
|
|
justmee
Posts: 505
Joined: 14.May2007
Status: offline
|
Yeah Steve, this is what happens.
If the 10 DHCP obtained IP addresses are exhausted, then another 10 will be obtained.
I do not recall exactly, but I think when the 9th VPN client connects, this will be the moment when another leases will be grabbed.
It's explained here, see the Dial-up Remote Access Registry Entries part and the InitialAddressPoolSize registry value:
http://technet.microsoft.com/en-us/library/cc787690.aspx
To answer some of your questions from the other thread, ISA's VPN functionality is provided by RRAS. Yes, you do the configuration from ISA's GUI. Rarely you need to touch the RRAS console.
If you set the number of VPN clients on ISA to 10, and PPTP and L2TP/IPsec are both enabled, you will have within RRAS 10 PPTP ports and 10 L2TP ports(WAN miniports).
Your VPN clients are never in direct touch with the DHCP server.
Their IP settings are configured through IPCP.
If you want to add a static range, you can do that with an on-subnet range too, for example 10.0.0.51-10.0.0.60, you just need to exclude this range from the Internal Network address range, otherwise you will get an error message regarding overlapping addresses.
I suppose that now you are not worried anymore about the VPN clients and DHCP, so the rest of the questions from the other thread do not need an answer...
|
|
|
|
|
RE: VPN Clients Using DHCP addresses - 4.Sep.2008 8:29:58 AM
|
|
|
stevenjwilliams83101
Posts: 20
Joined: 19.Aug.2008
Status: offline
|
Well I kind of just gave up on the different subnet ranges for VPN clients and the internal network, but It would be nice to know how to do it. Thanks for all your help.
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
