Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Assigned VPN IPs

Assigned VPN IPs 7 years 9 months ago #29547

  • timparker
  • timparker's Avatar
  • Offline
  • Distinguished Member
  • Posts: 96
  • Karma: 0
Hello everyone.

I'm back again with another question for the veterans here. I have my first couple of test vpn users working now. I created a new ip segment for them 192.168.5.x and the traffic seems to be flowing fine for me but.....

My boss just called, he is working from home today and he was showing as connected when I looked in ADSM under the monitoring. But he said that he wasn't on his end. He would try and reconnect and I could see in the Syslog entries that were flying by that it wouldn't reconnect due to not being able to give him an IP.

I set up specific IPs for users just to try and keep things straight. I guess I really don't need to do that since there technically is an IP Pool on the ASA that is set up.

The question becomes, is there any huge reason to assign IPs to users or should I just let DHCP hand them out. If they lose there connection they would just get another one and the first would eventually time out and get recycled. The default setting it appears is to allow 3 connections at a time max.

TIA.
The administrator has disabled public write access.

Re: Assigned VPN IPs 7 years 9 months ago #29577

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
Humm... I don't see a huge reason that you could not assign static IP users. It would allow you to know who each user is by looking at their IP.

How many VPN users do you have? If you only have a few users then statically assigning wouldn't be that bad, but if you have 100s then it could be a problem.
The administrator has disabled public write access.

Re: Assigned VPN IPs 7 years 9 months ago #29585

  • timparker
  • timparker's Avatar
  • Offline
  • Distinguished Member
  • Posts: 96
  • Karma: 0
There are only about 15 right now, so thats not the issue. The problem is that for some reason when my boss logs in, if his connection gets trashed (he's using wireless at home). He can't get reconnected. What I see in the syslog is that it can't assign him an IP and I thought it was because it had one assigned to him.

But I did some tests last night and early this morning and can't seem to duplicate that problem. I had it allow me back on up to the limit of 3 that is set by default.

So my initial thought was to remove the IPs and just let the traffic flow. But it would be nice to quickly see who is on as the syslog traffic flows by.
The administrator has disabled public write access.
Time to create page: 0.073 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup