Configuring IPSec-XAUTH Address Pool
XAUTH server assigns the IP addresses in the address pool to users. After the client has established a connection to the XAUTH server successfully, the XAUTH server will choose an IP address along with other related parameters (such as DNS server address, WINS server address, etc) from the address pool, and will assign them to the client.
XAUTH server provides fixed IP addresses by creating and implementing IP binding rules that consist of a static IP binding rule and an IP-role binding rule. The static IP binding rule binds the client user to a fixed IP address in the address pool. Once the client has established a connection successfully, system will assign the binding IP to the client. The IP-role binding rule binds the role to a specific IP range in the address pool. Once the client has established a connection successfully, system will assign an IP address within the IP range to the client.
When the XAUTH server is allocating IP addresses in the address pool, system will check the IP binding rule and determine how to assign IP addresses to the client based on the specific checking order below:
- Check if the client is configured with any static IP binding rule. If so, assign the binding IP address to the client; otherwise, check the other configuration. Note if the binding IP address is in use, the user will be unable to log in.
- Check if the client is configured with any IP-role binding rule. If so, assign an IP address within the binding IP range to the client; otherwise, the user will be unable to log in.
To configure the IPSec-XAUTH address pool, take the following steps:
- Select Network > VPN > IPSec VPN.
- At the top-right corner, Select IPSec-XAUTH Address Pool..
- In the XAUTH Address Pool Configuration dialog box, click New.
- Click OK to save the settings.
|Address Pool Name||Specifies the name of the address pool.|
|Start IP||Specifies the start IP of the address pool.|
|End IP||Specifies the end IP of the address pool.|
Reserved Start IP
|Specifies the reserved start IP of the address pool.|
|Reserved End IP||Specifies the reserved end IP of the address pool.|
|Netmask||Specifies the netmask of the IP address.|
|DNS1/2||Specifies the DNS server IP address for the address pool. It is optional. At most two DNS servers can be configured for one address pool.|
|WINS1/2||Specifies the WIN server IP addresses for the address pool. It is optional. Up to two WIN servers can be configured for one address pool.|
|User||Type the user name into the User box.|
|IP||Type the IP address into the IP box.|
|Add||Click Add to add the item that binds the specified user to the IP address.|
|Role||Select a role from the Roledrop-down list.|
|Start IP||Type the start IP address into the Start IP box.|
|End IP||Type the end IP address into the End IP box.|
|Add||Click Add to add the item that binds the specified role to the IP address range.|
|Up/Down/Top/Bottom||Move the selected IP-role binding rule . For the user that is bound to multiple roles that are also configured with their corresponding IP-role binding rules, system will query the IP-role binding rules in order, and assign an IP address based on the first matched rule.|