suthomas1
New Member
April 2, 2020
Solved

ip pool for vpn

  • April 2, 2020
  • 1 reply
  • 8259 views

Hello everyone,

 

How does the FortiGate IP pool work for users?

We have an object (vpn-pool) defined as 192.168.100.0/24. This is then applied to the IP policy along with groups.

Users get an IP from 192.68.100.x once connected.

 

Queries on this:

1) How does it keep track of which IPs are in use? Is there any command to check this?

2) Why do users get subsequent IPs as IP and gateway (for example, 192.168.100.1 as IP and 100.2 as gateway in ipconfig)?

3) Is it possible to do a static IP reservation on this?

4) What is the difference between this pool and the actual DHCP function within FortiGate?

 

Appreciate all inputs.

 

    Best answer by ede_pfau

    1 reply

    ede_pfau
    SuperUser
    Answer
    April 2, 2020

    I get it that you are talking about SSL VPN.

    Up until FOS v6.4 SSLVPN does not support DHCP assignment, in contrast to IPsec VPN where it has been working perfectly for years. So, no reserved allocation at all.

     

    The 'next' address is IMHO a designation for a proxy. I really don't know if that means that you can only support 128 users on a /24 subnet.

     

    Darkstar
    New Member
    April 3, 2020

    1) Monitor - SSL-VPN monitor or firewall user monitor.

    2) Technical question, probably with no impact, but I'd like to know too. :)

    3) In SSL-VPN - no.

    4) You can do DHCP only in a custom IPsec tunnel. I made a topic on this, waiting for approval. Can't get it to work fully.