Mode Config VPN support

[ajl119]

Hello.
Is support for 'Mode Config' VPN functionality on its way?

I.e. The ability to offer a connecting GreenBow VPN Client an IP address, DNS and WINS address (DHCP Like) from an address pool, thus removing the need to have to pre-populate VPN Clients with non overlapping static IP addresses.

Thanks

[achim]

hello,

if you edit a user in the manager you can asign this user a "static" ip-address under "vpn-options" (for l2tp or pptp, i think greenbow is using l2tp/ipsec).
you can configure the dns and wins address under vpn -> vpn l2tp / vpn pptp.

was this the answer you were looking for?

[ajl119]

Hello.

Thanks for your reply.
Yes you are quite right and i have done this for PPTP and L2TP VPN's, however i was wandering about IPSec Client to Gateway VPN's.

For example when defining the IPSec definitions, you have to statically specify the remote clients private IP and the remote client has to know that IP! This is horrible to manage.

Instead you want to be able to allow the client to connect and ask for an address from an address pool set on the server as per 'http://strongswan.org/uml/testresults2/mode-config/'.
This allows for one VPN definition that can function with many road warriors and where each road warrior does NOT need a unique policy configuarion.

I hope this makes sense.
Thank you in advance.

[ajl119]

Extract from Greewn bow website: http://www.thegreenbow.com/vpn.html

Mode-Config
"Mode-Config" is an Internet Key Exchange (IKE) extension that enables the IPSec VPN gateway to provide LAN configuration to the remote user's machine (i.e. IPSec VPN Client). Once the tunnel is opened with "Mode Config", the end-user is able to address all servers on the remote network by using their network name (e.g. //myserver/marketing/budget) instead of their IP Address.

Thanks

[oliver]

hi,

mode-config ist not support in the moment for nativ ipsec
connections.

[ajl119]

Ok, thanks.
PS. Great work with 2007 R2