Manage VPN client addresses in configuration 3
VPN clients cannot use their local IP address in the internal corporate network. In this scenario, NAT is used to solve this problem.
This address management method allows connection opening from the VPN client end only. This method is simpler to set up for testing, as it does not require an external DHCP server. However, this method has some restrictions:
- It does not allow connections to be opened from hosts in the internal network to VPN clients.
- It prevents the Stonesoft VPN Client from using internal DNS servers.
You might want to change the IP address allocation method to Virtual IP after you have tested the basic VPN connectivity with the configuration explained here.
This basic configuration scenario does not explain all settings related to VPN client address management.
For more details about the product and how to configure features, click Help or press F1.
Steps
Engine Editor – VPN – Advanced
Use this branch to change advanced VPN settings.
Option | Definition |
---|---|
Gateway Settings | The Gateway Settings element that defines performance-related VPN options. |
TCP Tunneling Port | Port used for tunneling Stonesoft VPN Client connections inside TCP connections to bypass intermediary traffic filters and NAT devices. |
Translate IP Addresses Using NAT Pool | When selected, the specified IP address range and port range are used for translating IP addresses of incoming Stonesoft VPN Client connections to internal networks. |
IP Address Range | IP address range for translating IP addresses of incoming Stonesoft VPN Client connections to internal networks. |
Port Range | Port range for translating IP addresses of incoming Stonesoft VPN Client connections to internal networks. |