Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Leonardo_Tessar
Participant

IP assignment for remote VPN

Hello,

I would like to assign an IP address to a user connected to remote VPN.

I've edited the $FWDIR/conf/ipassignment.conf file with below syntax and installed the security policy but it's not working.

GWIPADDR addr 192.168.99.250, dns=(10.1.1.1,10.1.1.2) user1

The IP address 192.168.99.250 is outside of my OM IP Pool (192.168.98.0/24)

I've checked the syntax with the command "vpn ipafile_check" and it seems correct:

line 0065 is OK. User="user1"

But the user keep getting an IP from my OM IP Pool instead of the specified IP address.

Here is the config on the cluster:

image.png

Any suggestion to solve my issue?

Thank you!

 

0 Kudos
7 Replies
Maarten_Sjouw
Champion
Champion

To my knowledge you cannot assign an IP outside the OM range.
Regards, Maarten
0 Kudos
Leonardo_Tessar
Participant

Initially I had assigned an IP of the OM range, then I read that the IP had to be external to the pool and so I changed it.
But the behavior is the same on both cases.


Btw I'm working on R80.20, was anyone else able to make this configuration work on this release?

0 Kudos
Andreas_Aust
Collaborator

Did you install the policy after editing ipassignment.conf ?

0 Kudos
Leonardo_Tessar
Participant

Of course I've installed the policies.

0 Kudos
Timothy_Hall
Legend Legend
Legend

Instead of the GWIPADDR, try using the name of the firewall object instead, install policy and try again.  Note that if it is a cluster, it must be the name of the firewall object, not the cluster object.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Leonardo_Tessar
Participant

I've already tried different combo, including the name of the Security GW instead of the IP address, but nothing changed.

Yes, I used the firewall object name and not the cluster object. 

 

0 Kudos
Leonardo_Tessar
Participant

The issue was related to spacing.

It's mandatory to use tabs between fields, if you use spaces the config will be ignored.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events