Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: Elliott on December 16, 2008, 09:51:03 PM

Title: (SOLVED) Can I control DHCP addresses that VPN hands out?
Post by: Elliott on December 16, 2008, 09:51:03 PM

I'm using SME 7.4 and it is not currently setup to handle the DHCP role on my network. That is handled by an internal win2k3 server.

I'm having a problem where one of my VPN connections is somehow getting an address that is outside of my internal DHCP servers range and is already attached to a printer.

Since it's outside of my DHCP server's allowable range and I have no other DHCP capable machines other than the SME box I'm guessing that it's VPN service is somehow handling this.

I can't set the VPN connection up to have a hard coded address or SME complains so is there some way to control the VPN's DHCP or at least to tell it to pass the request on to my actual DHCP server?

[standard anti-flame disclaimer]
Yes I've searched the forums and looked at the HowTo's with VPN labels and read the VPN section in User's guide. I've also looked in the message and secure log for the username and grep'ed the entire /var/log directory but am coming up blank. Where else might I find helpful information to share?
[/end SAFD]

Any pointers appreciated.

Thanks,
E

p.s. If necessary I'll open a bug but the last one I opened (4823 (http://bugs.contribs.org/show_bug.cgi?id=4823)) is still stagnating in the tracker.

Title: Re: Can I control DHCP addresses that VPN hands out?
Post by: byte on December 16, 2008, 11:43:35 PM

You should be able to use:

db accounts setprop fredfrog PPTPIP xxx.xxx.xxx.xxx
expand-template /etc/raddb/users
sv restart /var/service/radiusd

Title: Re: Can I control DHCP addresses that VPN hands out?
Post by: Brave Dave on December 17, 2008, 10:21:15 AM

It use the end of the dhcp range

if you say 3 pptp clients it will take off 3 ip's and use them

if you aren't using dhcp have a look at

 config show dhcpd

it will show something like

    end=192.168.1.250
    start=192.168.1.65

adjust your end value

 config setprop dhcpd end 192.168.1.220

and
 signal-event remoteaccess-update

if you had 3 inbound set it would use 218,219,220

Title: SOLVED: Can I control DHCP addresses that VPN hands out?
Post by: Elliott on December 17, 2008, 03:01:55 PM

Excellent. Thanks guys that did it. Was this documented some where and if not could it be added to the VPN HowTo or the management documentation on VPNs?

Title: Re: SOLVED: Can I control DHCP addresses that VPN hands out?
Post by: byte on December 17, 2008, 03:03:52 PM

Quote from: Elliott on December 17, 2008, 03:01:55 PM

Excellent. Thanks guys that did it.

Which option did you use out of interest for others ? Thanks.

Title: Re: SOLVED: Can I control DHCP addresses that VPN hands out?
Post by: Elliott on December 17, 2008, 03:24:31 PM

Quote from: byte on December 17, 2008, 03:03:52 PM

Which option did you use out of interest for others ? Thanks.

For my purposes I chose to use davidbray's technique. I've got 4 or 5 people who VPN into the machine and felt it was the easiest way to force them into a specific range. I even added the start moniker and locked them down to 5 specific IPs so I could document them on my internal IP map as non-useable.

Thanks again!