DHCP address allocation

I have a DHCP server that is set up so that LAN clients all have a reserved address. There are also ten addresses used by the MS VPN server and ten by RAS. I want to ensure that the ten VPN and ten RAS addresses can never be served to a LAN client. Can I achieve this by simply reserving the IP addresses against the VPN and RAS servers MAC addresses, or is there a better way?
LVL 30
Duncan MeyersAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
LazarusConnect With a Mentor Commented:
yes you can ensure it. Besides the Reserved address you can give the allocations of numbers to give out, you can give it any ranges you like. Example

100-120
150-254

Right click on ADDRESS POOL and use the Exclusion list to do this.
0
 
LuxanaCommented:
Hi,

DHCP servers permit you to reserve an IP address for a client. This means that the specific network client will have the same IP for as long as you wanted it to. To do this you will have to know the physical address (MAC) of each network card. Enter the reservation name, desired IP address, MAC address and description - choose whether you want to support DHCP or BOOTP and press add. The new reservation will be added to the list.

please have a look here for more details
http://www.windowsnetworking.com/articles_tutorials/DHCP_Server_Windows_2003.html
0
 
Duncan MeyersAuthor Commented:
Perhaps I should explain the purpose of the question. The LAN is tied down so that only known clients will be allocated a DHCP address, hence all the existing clients already have a reservation configured in DHCP server. Currently, the VPN and RAS dial-in services use the same pool of IP addresses which means that someone can come along and plug their laptop into the network and pick up an IP address from the VPN/RAS pools. I can fix this by putting the RAS and VPN servers on a different subnet so that tehy use a different set of IP addresses, but due to the way everything is currently set up, that means acquiring a new box to do it. If it is possible to  simply reserve the VPN/RAS addresses so that a client cannot be allocated those addresses, then that is an easier (and cheaper) way to do it.

Windows 2000 Server, by the way...
0
 
Duncan MeyersAuthor Commented:
Sorry - forgot about this one. My apologies for my tardiness...

I'm yet to test the answer.
0
All Courses

From novice to tech pro — start learning today.