Filter
Top Products
6 Address Management
6-2
VPN 3000 Concentrator Series User Guide
Configuration | System | Address Management | Assignment
This screen lets you select prioritized methods for assigning IP addresses to clients as a tunnel is
established. The VPN Concentrator tries the selected methods in the order listed until it finds a valid IP
address to assign. You must select at least one method. You can select any and all methods. There are no
default methods.
Figure 6-2: Configuration | System | Address Management | Assignment screen
Use Client Address
Check this box to let the client specify its own IP address. For maximum security, we recommend that
you control IP address assignment and not use client-specified IP addresses. Do not check only this box
if you are using IPSec, since IPSec does not allow client-specified IP addresses.
Make sure the setting here is consistent with the setting for
Use Client Address on the PPTP/L2TP Parameters
tab on the
Configuration | User Management | Base Group screen. A different Use Client Address setting for
specific groups and users overrides the setting here and on the base group screen. See the
Configuration |
User Management
screens.
Use Address from Authentication Server
Check this box to assign IP addresses retrieved from an authentication server on a per-user basis. If you
are using an authentication server (external or internal) that has IP addresses configured, we recommend
using this method.
Check this box if you enter an
IP Address and Subnet Mask on the Identity Parameters tab on the
Configuration | User Management | Users | Add or Modify screens (which means you are using the internal
authentication server).
Use DHCP
Check this box to use a DHCP (Dynamic Host Configuration Protocol) server to assign IP addresses.
If you use DHCP, configure the server on the
Configuration | System | Servers | DHCP and Configuration |
System | IP Routing | DHCP
screens.