Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
15874
Views
5
Helpful
1
Comments

How to assign static IP addresses to VPN Clients

TCC_2
Level 10
Level 10

‎06-17-2009 10:16 PM - edited ‎08-23-2017 10:01 PM

 

Introduction:

This dcoument describes the process to assign STATIC IP Addresses to VPN Clients.

 

Two types of IP's:

  • Dynamic IP Addresses:Dynamic IP can be defined as an IP address which changes every time the device logs in to a network. To trace such IP address is very tough.
  • Static IP Addresses:A static IP can be defined as an IP address which is manually configured on a device.A static IP address is known "static" because it does not change.

Resolution

In this example, three groups are created, each with its own pool and with just one IP address. The inside network is 192.168.1.0/24: 

ip local pool group1 172.16.99.1
ip local pool group2 172.16.99.2
ip local pool group3 172.16.99.3

access-list nonat permit ip 192.168.1.0 255.255.255.0 172.16.99.0 255.255.255.0

crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 99 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside

sysopt connection permit ipsec

isakmp nat-trav
isakmp identity address
isakmp keepalive 10 2

isakmp enable outside

isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash md5
isakmp policy 1 group 2
isakmp policy 1 lifetime 86400

(the actual vpn groups):

vpngroup group1 password MYPASSWORD
vpngroup group1 address-pool group1
vpngroup group1 dns 192.168.1.5
vpngroup group1 wins 192.168.1.5

vpngroup group2 password MYPASSWORD
vpngroup group2 address-pool group2
vpngroup group2 dns 192.168.1.5
vpngroup group2 wins 192.168.1.5

vpngroup group3 password MYPASSWORD
vpngroup group3 address-pool group3
vpngroup group3 dns 192.168.1.5
vpngroup group3 wins 192.168.1.5

wr mem

 

You may add as many VPN groups as you wish. Each group must contain a password and an address pool. The Domain Name System (DNS) and Windows Internet Naming Service (WINS) statements are optional.

 

Problem Type

How to (General Information)

 

Product Family

Firewall - PIX 500 series

VPN - hardware & software clients

PIX Software Version

PIX version 6.x

PIX version 5.x

VPN Client Software Version

Cisco VPN Client

 

VPN Tunnel End Points

Client

PIX

Features & Tasks

Local address pool

 

VPN Protocols

IPSec

Labels:
Comments
radioman1000
Level 1
Level 1
‎05-26-2020 06:19 AM

Not really helpful

 

PIX_500 is obsolete

 

I need to support PPTP in a router.  It doesn't have to have WiFi.

 

Can any of the RV series routers support PPTP and static VPN address?

 

Regards

Sam

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents