[Swan] Road warriors and dhcp
Alex
mysqlstudent at gmail.com
Thu Dec 31 20:10:41 UTC 2020
Hi,
Now that I have a working VPN for mobile users, I'm having trouble
assigning IPs on our local network. I'm thinking this is the best
place to start, rather than a DHCP list without knowledge about how a
VPN works.
Our internal LAN is 192.168.1.0/24 and we're issuing leases for mobile
workers are issued on 192.168.6.0/24.
Should I add a route from the 192.168.6.0 network to the 192.168.1.0
network for the mobile workers through DHCP?
I recall previously having to add the leftsubnet= parameter as a
separate connection. Is that necessary here too? Where do I get
started here?
I'm setting the segment in my config as such:
# your addresspool to use - you might need NAT rules if providing
full internet to clients
rightaddresspool=192.168.6.2-192.168.6.254
I'm also using shorewall for NAT on the 192.168.1.0/24 network. It
should also be doing NAT on the networks related to the VPN that was
already configured on this server.
My DHCP server config:
server-name "orion" ;
authoritative ;
option domain-name "inside.example.com example.com"
option T150 code 150 = string;
default-lease-time 86400;
max-lease-time 86400;
one-lease-per-client true;
allow bootp;
subnet 192.168.6.0 netmask 255.255.255.0 {
authoritative;
range 192.168.6.2 192.168.6.240;
default-lease-time 43200;
max-lease-time 86400;
option subnet-mask 255.255.255.0;
allow unknown-clients;
option routers 192.168.6.1;
option domain-name-servers 8.8.4.4;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
authoritative;
range 192.168.1.105 192.168.1.140;
default-lease-time 43200;
max-lease-time 86400;
option subnet-mask 255.255.255.0;
allow unknown-clients;
}
More information about the Swan
mailing list