Topic: SME VPN

[daley]

Hi all,

it may not be the new topic, but i'm need a hint... how do i create a different range of IP address for VPN client to logon, for example, my sme server ip 192.168.1.1, what shd i do if i wish to have vpn range 192.168.2.0/24.

kindly advise.

regards,
daley

[Bill Talcott]

The IPs used for the VPN clients are statically assigned, from the top of the DHCP range. In other words, they should get the same thing as a locally connected client.

[Daley]

Bill,

i don't have DHCP running on SME server, i think it is always better if we have the different of IP spool for VPN client to logon for setup.

daley

[Daley]

Bill,

one more question, how can i restrict the remote vpn is permitted to access certain hosts or IP and Port only.

daley

[Bill Talcott]

The SME will set aside the specified number (in Server Manager) of PPTP IPs from the top of whatever DHCP range you have specified. Even if you're not using DHCP, it will still allocate PPTP IPs from that range. Enable DHCP in the configuration menu, pick the range you want, then disable DHCP again. Since you're not using the SME for your main DHCP server, you can pick whatever range you want to use for the PPTP connections.

You can't really restrict what PPTP clients can do. If you give them a separate subnet, you might be able to do some restrictions based on that. But the whole point of a VPN is that the remote client works exactly the same as a local client. It gets a LAN IP just like the PCs directly connected.