I just need some info RE: VPN. I’m pretty up to speed on these things, but I just have one question:
When setting up a VPN, does the “client” need a static IP? That is to say, if you’re going to be not only connecting but also reconnecting, will it matter if the “client” computer’s IP address changes from time to time? Like I mean if it’s on a network and renews its lease DHCP style every 8 hours, will that affect its ability to connect to the other network over a VPN sort of deal?
Sorry, I babble.
In a nutshell:
VPN: Static IP or no static IP? That is the question. Also, could it go either way, depending upon how the VPN is set up?
Let’s assume that this scenario is connecting a cable modem user at home to the Win2k network at his place of employment.
His broadband provider’s service is set up so that his computer (or the cable modem, maybe) renews its lease and gets a new IP every 8 hours through DHCP.
It’s like, “I have this friend…” if you can’t already tell.
Thanks.
It depends on the VPN client software you use, but yes, you can do this. I connect to my workplace via VPN all the time through a 56K dialup account on my laptop and it definitely gets assigned a dynamic IP address when I dial. I have also set it up via cable modem which had (I think) a static IP address and that worked too. This was using SafeNet’s SoftPK VPN client software.
Ah, okay, so it does depend how my–I mean his-- How his employer’s IT dept sets the thing up. It depends upon the client software that they use and yada blah stuff noise.
Okay, cool.
Thanks! I am sure this thread can now die a well-deserved death. Man I love this place.
No problem. One more thing just occurred to me. If you use dynamic addresses or NAT, it may be necessary to run the VPN in transport mode rather than tunnel mode. This was a limitation of some older implementations of VPN. The latest version of the Cisco VPN client has a “NAT transparency” option that allows you to run dynamic/NATed addresses over a tunnel, but at a higher overhead, which means slower response time. You want to avoid transport mode if possible. It’s not as secure as tunnel.