Features for Remote User Access


#1

Please consider:

  1. Permitting User Account Passwords longer than 12 characters.

  2. Implementing IKEv2 as a VPN Type.

  3. Enabling access to the VPN from the LAN.

Thank you.


#2

Can you tell us more on why you need this? Thanks.


#3

I have some clients that need a single configuration for a VPN which is useable on both the LAN and WAN sides. Consider a laptop with a persistent connection to the VPN on the LAN, when removed from the LAN, reestablishes the VPN connection on the WAN side, and vice versa.


#4

If you are using DNS for your VPN hostname, you can use split-horizon DNS to point VPN clients to the LAN IP address while physically on your network. This should be as easy as placing the VPN hostname in your Balance’s Local DNS Records and pointing it to the untagged LAN IP of the Balance.


#5

Thank you, louisbohn. I do use the Local DNS Records function of my Balance One to accomplish a split-horizon DNS. The issue is that the Remote User Access VPN server only listens on specified WAN connections. I would like the VPN server to also be able to listen on selected LAN connections.


#6

Would an internal firewall to deny traffic from specific VLans to the vpn work? I would imagine it is open to any VLan with inter-VLan routing enabled.


#7

jmjones, as far as I can tell, the Remote User Access VPN server is only accessible from specified WAN connections.