We have two Cisco 5508X firewalls (one is for failover). For VPN, we use the old Cisco VPN Client (5.7) and IPSEC. In the configuration of the firewall, clients authenticate against the domain controller’s address. The domain controller’s OS is MS Server 2016 Datacenter.
We have noticed in DNS (Microsoft) that some of the VPN clients have the same IP addresses. There is not a DHCP scope (Microsoft) setup for the VPN network. To ensure that each VPN client has a separate IP address, can I simply create the scope in DHCP (Microsoft), or is there more to it?
Solved! Go to Solution.
Trying to understand you have Duplicate address for VPN users, what is the lease expiry or DNS Flush for the disconnected clients set for ?
or you looking to create a new scope in DHCP, so you get dedicated IP address range for VPN ? in this case yes you can create own IP rannge in DHCP and take to VPN profile.
So, VPN users seem to get the same IP address. I do not know if I would call them a lease because there is no DHCP scope, but they do have a timestamp.
What does; “… and take to the VPN profile” mean?
If you have VPN profiles created for user to connect from remotely, you need add DHCP range for them to get seperated from address you are not looking to get.
here is the below document for reference (hope this what you looking, if not explain more)