Link to home
Start Free TrialLog in
Avatar of kadirsiva
kadirsiva

asked on

VPN Connection

Hi,
   I am using Windows 2000 server to configure the VPN. I have some questions about it.
1. Did we need a static ip address for VPN or dynamic IP we can use.
2. If we can use dynamic IP can u tell me.
Avatar of chris_calabrese
chris_calabrese

Yes, you should be able to work just fine with a static IP.

However, you may have issues if you're using NAT.
Avatar of The--Captain
I would evaluate the need for dynamic IP the same way you do in most other scenarios (i.e. ppp, dhcp, etc)...  It doesn't really matter that they're VPN users, does it (unless there are other considerations that have not been revealed)?

-Jon

DHCP will work just fine also, its user preference. Dave
ASKER CERTIFIED SOLUTION
Avatar of foad
foad

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
foad - you've been around way to long to go around posting silly comments as answers (pleae re-read the AUP) - what you said was incorrect, and I think you are talking about the wrong end of the connection, to boot - this is about the client-side addresses, if I'm not mistaken - regardless, you do *not* need a static IP to do a VPN (especially a mickeysoft/PoPToP VPN).

kadirsiva - please respect the site AUP and reject foad's incorrect "answer" - if you need more specific advice, please request clarification in the appropriate area and I bet one of the experts [other than foad] could tell you what you want to know.

Cheers,
-Jon

So, how exactly did Foad's incorrect "answer" assist your eventual solution?  Please clarify - otherwise, I will have no choice but to pass this along to EE CS...

Cheers,
-Jon
I am not an expert on this subject, but coincidentally have dipped into this recently. The VPN is on the firewall at our remote office, and also on the firewall IP address at our head office.

We currently have a NAT connected VPN with DHCP enabled (non-static public IP Addresses) and provided the power remains on at our remote office the firewalls can talk to each other perfectly well.

However we are switching our connection to a NO-NAT basis because this uses static public IP addresses. The advantage is that the settings are permanent from firewall to firewall. If the power goes off at the remote office, or we need to re-boot the firewall, on a NAT basis, the IP addresses will be automatically dished out by the DHCP Server, using whatever random numbers it finds are available, and the two firewalls will no longer be able to find each other.

On a NO NAT basis (static public IP addresses) the connection will be fine afterwards as the IP addresses don't change.  I decided to spend the extra £20 per month to get the static public IP addresses because it is gonna be more reliable.

Hope this helps flesh it out.