Global VPN client - IP addresses from other then default subnet

03/26/2020 63 19007

DESCRIPTION:

This article assists you to configure a different IP addressing scheme (subnet) other than the default subnet for the Global VPN clients.

RESOLUTION:

 NOTE: Virtual Adapter settings are required.

1.  Login to an application GUI.
2. Click Manage in the top navigation menu.
3. Navigate to System Setup | Network | Interfaces. Click Add Interface button and selecting the option from the drop down Virtual Interface.
   
                     
   
       
4. PIck a zone (such as LAN or a custom one) and select a VLAN tag. Choose a parent interface (LAN interfaces preferred).
5. Put an IP address and Subnet mask that you wish to use for the GVC connection.
   
   
   
6. Click OK. One does not need to change anything on the Advanced tab. 
   
   
7. Navigate to System Setup| Network | DHCP Server and make sure that the server is Checked.
8. Click Add Dynamic button.
9. Select Interface Pre-Populate and choose the VLAN interface from the list.
    
   
   
10. In Range Start put an IP address that is not the first from the whole range but at least the 3rd one. In this example we used 192.168.100.1 as an interface IP so we have a range from 192.168.100.1 to 192.168.100.254. We need to reserve one IP in front of the DHCP range for a relay IP which we will configure in next steps. So in our case the range start is 192.168.100.3. Range End is up to you. Default Gateway and Subnet Mask should be of course filled according to your settings. In our example it would be Default Gateway: 192.168.100.1 and Subnet Mask: 255.255.255.0.
    
    
    
11. Click OK. 
12. Navigate to Connectivity | VPN | DHCP over VPN and click Configure (Please make sure it is set to Central Gateway).           
    
    
13. Select Use Internal DHCP Server and For Global VPN Client.
14. In the Relay IP Address (Optional) please put the reserved IP. In our example it is 192.168.100.2.
15. Click OK. From now on the GVC clients will be assigned different IPs.
    
    

    NOTE: The same can be set for an external DHCP server. The same rules for relay IP apply.
    
    

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.

NOTE: Virtual adapter settings are required.

1. Login to an application GUI.
2. Navigate to Network | Interfaces.
3. Click Add Interface button.
4.  PIck a zone (such as LAN or a custom one) and select a VLAN tag. Choose a parent interface (LAN interfaces preferred).
5.  Put an IP address and Subnet mask that you wish to use for the GVC connection.
   
   
   
6. Click OK. One does not need to change anything on the Advanced tab.
7. Click Accept button.
8. Navigate to Network | DHCP Server and make sure that the server is enabled.
9. Click Add Dynamic button.
10.  In Range Start put an IP address that is not the first from the whole range but at least the 3rd one. In this example we used 192.168.100.1 as an interface IP so we have a range from 192.168.100.1 to 192.168.100.254. We need to reserve one IP in front of the DHCP range for a relay IP which we will configure in next steps. So in our case the range start is 192.168.100.3. Range End is up to you. Default Gateway and Subnet Mask should be of course filled according to your settings. In our example it would be Default Gateway: 192.168.100.1 and Subnet Mask: 255.255.255.0.
11. Select Iinterface Pre-Populate and choose the VLAN interface from the list.
12. Click OK button.
13. Navigate to VPN | DHCP over VPN and click Configure(Please make sure it is set to Central Gateway.).
14. Select Use Internal DHCP Server and For Global VPN Client.
15. In the Relay IP Address (Optional) please put the reserved IP. In our example it is 192.168.100.2.
16. Click OK button. From now on the GVC clients will be assigned different IPs.
    
    

    NOTE: The same can be set for an external DHCP server. The same rules for relay IP apply.