We have a customer network that has DHCP Server active without Internet.
Need to connect a Peplink Mini BR1 onto same network for VPN connections and access to the customer network.
There are times the customer DHCP will be failed yet we want to maintain Modem VPN connectivity always.
Is there a way to activate the modem DCHP to allow VPN connections 24/7 yet not step on the customer LAN DHCP server? I have seen mention of creating a separate VLAN network just for DHCP / VPN, then route that to the customer network LAN. An example of settings for this would be great.
Yes, you should provision a separate network for the VPN DHCP.
As for how you connect it to the current LAN will depend on the hardware that is already installed. What is the default route given out by the current DHCP server to those LAN clients?. You say thei are not internect connected, but they can still have a default route. Brands/models of equipment help.
You will also have to add a static route to the BR1 and VPN clients for that target network LAN…
None of the existing (black box) devices on the owners single Subnet / Lan need internet access, just basic network connectivity. If we can ping them, we are typically good to go. Is their route important in this simple case?
The modem /VPN just needs to behave as an access point.
That said,
I haven’t looked through the modem config pages regarding static routes;
- I assume the static route get created within the Modem?
- Incoming/outgoing route or both?
- Does the VPN client need a route configured locally on their PC as well? I would like to avoid that.
- Any examples for that setup?
The best practice is to have separate networks for competing uncoordinated DHCP servers.
Can you have the BR1 do all of the DHCP duties?.
Otherwise you will have to experiment and expect odd behaviors.
You can try filtering the DHCP requests inbound on port 67 tcp and UDP via the local service firewall rules.