[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 348
  • Last Modified:

VPN rejecting my fixed ip on client

hi there.

i have set up a ftp on a remote location on a dyanamic IP.  (home)
i use windows VPN to connect to the wan ip of the server to the office using the windows login.

The sites connect and i can ping from one to anoter and use remote desktop.
with the client machine i need to set up the ftp...

the vpn conects with automatic ip configuration but i need to change this to a fixed ip for the FTP. but when i change the IP to a fixed ip and log in to the remote office running windows 2003 the server rejects my fixed ip and only allows automatic ip range..

what do i do to make the vpn use a fixed ip and wil not get rejected by the server so i can run my ftp on that ip everytime.

thankyou

0
Avision27
Asked:
Avision27
  • 2
1 Solution
 
Rob WilliamsCommented:
Avision27, reading this I better understand your configuration than the previous question. There are ways to assign a static IP but that shouldn't be necessary. First, it is important that the remote and local networks be on different subnets. If the office is 192.168.0.x then the home network needs to be 192.168.1.0 or similar. If not, you will not be able to do this, because of routing issues. Then to connect to the FTP server, do not use the dynamic IP assigned by the VPN service but rather the actual IP assigned to the FTP servers network adapter, which should be assigned a static IP (within it's own subnet). The VPN and virtual adapter should look after the routing. As a test try pinging the FTP server from the office using that IP. If the FTP server is not on the same physical computer as the VPN client, you will have to make sure the "use  remote gateway" box is unchecekd.
See if that helps.
--Rob
0
 
Rob WilliamsCommented:
Should you still wish to assign a static IP to the VPN client, there are a couple of ways you can do so. Use only one method:
  {remember office and home need to be different subnets}
1) This option, according to Microsoft, requires the domain functional level be Windows 2000 native or better, On the demo server I tried, the option wasn't available until I raised the functional level to Windows 2003 (option is definitely not available with 2000 mixed mode). Do not raise the functional level just for this. If you wish to do so read Microsoft's documentation as to what raising the functional level will affect, it can block access of older computer systems. If the option is available; you can open the user's profile in Active Directory Users and Computers and on the Dial-in tab there is an option (2nd from the bottom) to "Assign a Static IP address". Enable, and insert an IP address within the DHCP server's subnet
2) Open the Routing and Remote Access Service console, expand the server name options in the left window, click on "Remote Access Policies", in the right hand window right click on "Connections to Microsoft Routing and Remote Access Server" and choose properties, click "Edit Profile", on the "IP" tab check "Client may request an IP address",  "OK" and exist. On the VPN client under TCP/IP properties assign an appropriate IP in the same subnet as the VPN server's subnet
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now