Re: bbsm

o.hassairi · ‎04-12-2005

hello

is it possible that BBSM5.3 preserves the original IP source address?

Is multinet the solution for this issue? why BBSM says you have just one minute to make the VPN connection?

thomas.chen · ‎04-18-2005

As for as I know, Limitations of Multinet config are as follows.

1) The External NIC should be assigned static IP addresses from the management range of Multinet 1.

2) MultiNet 2 -Temp DHCP Range should be 20-30% of estimated users per day. At least 20-30 addresses.

when the Client connect it would connect to a switch and get a temp DHCP lease. and when you click the browser and page will display giving user a choice to choose an IP from either multinet.

o.hassairi · ‎04-18-2005

yes this is true, however, even if the client obtains a public address, this later is not seen from outside. it will be replaced by the bbsm external address.

My need is as follows:

Using BBSM5.3

Architecture: Basic routed

Clients obtain IP addresses by DHCP (BBSM server).

Access contrôle : ACS radius.

(client)remote site-------LL-----BBSM + ACS------LL----------control internet activity site (CIAS)-------Internet

The goal: In the CIAS, we need to know who is connecting to a prohibited internet site.

in the ACS accounting we can find a mapping betwwen inernal IP address of the client and the user name. The problem is CIAS can't see the internal IP address but can just see the external IP address of BBSM. that's why we need to make the BBSM acting as a router and not as a proxy. Is this possible?

If not, is there an other way to reach our goal?

Note: I tried with multinet (one net is a public net), but the same problem accurs, we can just see the BBSM external IP address in CIAS.

any help