Router has option to Tag(DHCP reserve ip) to remote user functions but doesn’t work. Same remote user always gets a different ip when reconnects. Please make possible or fix DHCP reservations for L2TP/PPTP remote users.
Looking for a way to force a VPN Connection of specific device to be assigned to pre-specified Static IP Address.
The specific device does not have capability to specify it’s IP address using IPV4’s Manual IP addressing or Manual IP with DHCP providing gateway and DNS IP addresses.
Using PepLink Balance One’s “DHCP Reservation” with the specific device’s actual MAC Address and mapping it to a Static IP address does not work.
Appears that VPN Connection creates a temporary fabricated MAC address that is not related to specific device.
Result is, the specific device is assigned one of available DHCP IP address from pool.
At Issue - Do to builtin security of several devices on LAN, the specific device (connecting via remote VPN) is rejected access, because its DHCP assigned IP address is not one of allowed Static IP addresses.
Is this an inherent issue with remote access VPN connections? In that all remote access VPN connections have temporary fabricated MAC addresses?
The layer 2 MAC address will be stripped when routing across networks so a new IP address is provided each time L2TP/PPTP remote users connect.
You can solve the described security issue by using an external Radius server/DHCP server with the Balance 210/310 and up models.
Problem described above “Looking for a way to force a VPN Connection of specific device to be assigned to pre-specified Static IP Address.” - Involves two Balance One Routers, using PEP-VPN to connect them together.
With one of Balance One Routers having a persistent IP address, which is setup to allow Remote Access.
Remote Access on other Balance One router will not work, because it’s internet connection is strictly outgoing (no way to connect externally to Balance One).
Thus, suggestion to use an external Radius server won’t work because it requires different PepLink router, than two already in use.
There would also be issue - cost of purchasing and setting up a Radius server.
Would you be able to give me a brief descriptions on how to setup such
Sheng Q. Ling
Ling Enterprises, Inc.
Radius server authentication for PPTP/L2TP clients is configured under: Network> Remote User Access Settings> Authentication. From there you can define a Radius server and authentication settings for the server.
I don’t know the limitations of the VPN software or backend you guys are using, but what would be great is if the username of the PPTP/L2TP could bind to an IP address directly through the Peplink interface.
For example, under Network > Remote User Access, right after the Username and Password fields, add an IP address field. Once an IP address is added to this field, when the user logs in to the VPN, they are then assigned the address listed.