jmann223
New Member
June 23, 2016
Question

Reserve IP addresses over SSL VPN tunnel

  • June 23, 2016
  • 2 replies
  • 33145 views

Ok so here is my issue:

 

We have users who are connecting from home/other remote locations over the SSL VPN tunnel.

 

Inside Policy&Objects>Objects>Addresses there is a range named SSL_VPN that is 192.168.10.4-192.168.10.63 (any interface)

 

The SSL settings from VPN>SSL>Settings have the SSL_VPN object in the IP Ranges field

 

It doesn't matter to me which IP address is reserved, but I need to have one of those addresses reserved for a specific user.  Whenever this user connects to the SSL VPN he needs to get the same IP address.

 

I can see how to do this with DHCP reservations for the physical interfaces, but I cannot see how to do this for the SSL VPN connection.

Any help you can give is greatly appreciated!

2 replies

Toshi_Esumi
SuperUser
June 23, 2016

You need to create a separate IP pool to have only one IP, say 192.168.10.4 (you need to adjust the original pool not to have this IP), and bind it to the SSL portal config (if v5.2). This means you need to create another portal separated from the other users' and specify it in the policy.

jmann223 (Author)
New Member
June 23, 2016

You are correct this is v5.2

So I have modified the original object to be 192.168.10.4-63 and created a new object for 192.168.10.3 named Remote_Laptop.

I have also created a new portal, named Remote Laptop, but its reference count is 0. I bind the address, is this a CLI only sort of thing?

Thanks for the help!

Toshi_Esumi
SuperUser
June 23, 2016

I don't know how you authenticate those users, but you need to have a usergroup for the single host and another for all the others if local authentication. Then one usergroup and one portal need to be bound together under SSL Settings. You need to have two sets. That's where the portals are referred to with 5.2.

Toshi_Esumi
SuperUser
June 23, 2016

I didn't mean an actual "IP pool" but an address object. Sorry.
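
The setup described across the replies above, as an added CLI sketch that is not part of the original thread: a single-address object, a dedicated portal using it, and a group-to-portal binding under SSL settings. It assumes FortiOS 5.2 CLI syntax and local authentication; the group names, the user name and the `full-access` portal for the other users are hypothetical, while `SSL_VPN`, `Remote_Laptop`, `Remote Laptop` and the addresses come from the thread.

```fortios
# Added example, not from the thread. Names marked (hypothetical) are assumptions.
# Single-address object for the reserved IP, kept outside the shared SSL_VPN range.
config firewall address
    edit "Remote_Laptop"
        set type iprange
        set start-ip 192.168.10.3
        set end-ip 192.168.10.3
    next
end
# Dedicated portal that hands out only that address in tunnel mode.
config vpn ssl web portal
    edit "Remote Laptop"
        set tunnel-mode enable
        set ip-pools "Remote_Laptop"
    next
end
# Group holding only the user who needs the fixed address.
# "Remote_Laptop_Grp" and "remote.user" are (hypothetical).
config user group
    edit "Remote_Laptop_Grp"
        set member "remote.user"
    next
end
# Bind each group to its portal: two sets, one per group.
# "SSLVPN_Users" and "full-access" are (hypothetical) names for the other users.
config vpn ssl settings
    set tunnel-ip-pools "SSL_VPN"
    config authentication-rule
        edit 1
            set groups "Remote_Laptop_Grp"
            set portal "Remote Laptop"
        next
        edit 2
            set groups "SSLVPN_Users"
            set portal "full-access"
        next
    end
end
```

Once an authentication rule points at the new portal, its reference count should no longer be 0.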