Hello,
We are trying to configure L2TP/IPSec with a DHCP server for IP assignment instead of a local IP pool (this works correctly). However, I only get it to work if the DHCP pool is in the same subnet as the "internal" interface. But I don't want this.
The DHCP server is located in the 10.1.1.x network with a 10.10.10.x scope configured for VPN users, and it is reachable via the "Internal" UTM interface 10.2.2.x. So, I created a new "vpn" interface in the UTM with IP 10.10.10.1 (default router) to get this IP as the "relay ip address" for the correct association in the DHCP server. So, I get the log:
DHCPC: Using relay address of '10.10.10.1'
DHCPC: Unicasting to server '10.1.1.x' only
But the UTM never gets the lease for the client.
DHCPC: No lease, failing.
DHCPC: Failed to obtain an IP address. Terminating connection.
I guess this is because the query is sent from the "VPN interface", although the route table is pointing to the gateway of the Internal interface.
At this point, if we change the Via Interface from VPN to Internal, the UTM relay address is 10.2.2.x and the VPN client gets an IP in that range.
DHCPC: Using relay address of '10.2.2.1'
DHCPC: Unicasting to server '10.1.1.x' only
DHCPC: Received a packet
DHCPC: Lease of 10.2.2.xx obtained, lease time 86400
But this is not a solution for us. The VPN client must be in a dedicated network.
Is this configuration supported on UTM? Can we accomplish this, or is the use of a VPN local pool mandatory?
Thank you and regards.