22 Replies Latest reply on Oct 8, 2013 12:36 PM by baldwinboy3

    Netvanta 3448 Remote Client VPN, assign a static IP to the remote client

    baldwinboy3 New Member

      I have a Mobile Peer set up for a laptop that goes from one physical location to another. I am using Adtran Secure VPN Client to connect from the laptop to the Netvanta 3448's Mobile Peer. I set this up to work with no issue. The issue comes when I need this laptop to use the same IP address assigned by the Netvanta crypto ike pool (there are other clients that have to connect to this Mobile Peer). I have went to the Adtran adapter in network connections and gave the VPN adapter the static that I want it to be in a valid IP 10.5.12.1. When I do that the laptop wont connect to the Mobile Peer using the Adtran Secure VPN Client. I have also tried to assign the static IP address to the Profile on the Adtran VPN Client, this allowed me to connect to the Mobile Peer but the Laptop could no longer get the the applications that require it to show up as 10.5.12.1

       

      I need the Mobile Peer to support multiple users (which it does) while allowing this one Laptop to have the static IP 10.5.12.1

       

      Here is my Configuration:

       

      crypto ike client configuration pool "VPN Client Users"

        ip-range            10.5.12.1          10.5.12.254

        dns-server          8.8.8.8           4.2.2.2

       

      crypto ike policy 117

        no initiate

        respond anymode

        local-id address 69.43.74.26

        peer any

        client configuration pool "VPN Client Users"

        attribute 1

          encryption 3des

          hash md5

          authentication pre-share

       

      crypto ike remote-id any preshared-key N87*Nidid*l ike-policy 117 crypto map VPN 180 no-xauth

       

      crypto map VPN 180 ipsec-ike

        description VPN Client Users

        match address VPN-180-vpn-selectors2

        set transform-set esp-3des-esp-md5-hmac

        ike-policy 117

        mobile

       

      ip access-list extended VPN-180-vpn-selectors2

        permit ip 10.5.10.0 0.0.0.255  10.5.12.0 0.0.0.255

       

       

      ip policy-class inside

        allow list VPN-180-vpn-selectors2 stateless

        nat source list web-acl-1 interface eth 0/1 overload

       

      ip policy-class outside

        allow reverse list VPN-180-vpn-selectors2 stateless

       

      Please let me know what any of you think.

       

      Thanks,