SonicWALL 5.8.1 Manuale Utente
VPN > DHCP over VPN
921
SonicOS 5.8.1 Administrator Guide
Configuring DHCP over VPN Remote Gateway
1.
Select Remote Gateway from the DHCP Relay Mode menu.
2.
Click Configure. The DHCP over VPN Configuration window is displayed.
3.
In the General tab, the VPN policy name is automatically displayed in the Relay DHCP
through this VPN Tunnel filed if the VPN policy has the setting Local network obtains IP
addresses using DHCP through this VPN Tunnel enabled.
through this VPN Tunnel filed if the VPN policy has the setting Local network obtains IP
addresses using DHCP through this VPN Tunnel enabled.
Note
Only VPN policies using IKE can be used as VPN tunnels for DHCP.
4.
Select the interface the DHCP lease is bound from the DHCP lease bound to menu.
5.
If you enter an IP address in the Relay IP address field, this IP address is used as the
DHCP Relay Agent IP address in place of the Central Gateway’s address, and must be
reserved in the DHCP scope on the DHCP server. This address can also be used to
manage this SonicWALL security appliance remotely through the VPN tunnel from behind
the Central Gateway.
DHCP Relay Agent IP address in place of the Central Gateway’s address, and must be
reserved in the DHCP scope on the DHCP server. This address can also be used to
manage this SonicWALL security appliance remotely through the VPN tunnel from behind
the Central Gateway.
6.
If you enter an IP address in the Remote Management IP Address field, this IP address
is used to manage the SonicWALL security appliance from behind the Central Gateway,
and must be reserved in the DHCP scope on the DHCP server.
is used to manage the SonicWALL security appliance from behind the Central Gateway,
and must be reserved in the DHCP scope on the DHCP server.
7.
If you enable Block traffic through tunnel when IP spoof detected, the SonicWALL
security appliance blocks any traffic across the VPN tunnel that is spoofing an
authenticated user’s IP address. If you have any static devices, however, you must ensure
that the correct Ethernet address is typed for the device. The Ethernet address is used as
part of the identification process, and an incorrect Ethernet address can cause the
SonicWALL security appliance to respond to IP spoofs.
security appliance blocks any traffic across the VPN tunnel that is spoofing an
authenticated user’s IP address. If you have any static devices, however, you must ensure
that the correct Ethernet address is typed for the device. The Ethernet address is used as
part of the identification process, and an incorrect Ethernet address can cause the
SonicWALL security appliance to respond to IP spoofs.
8.
If the VPN tunnel is disrupted, temporary DHCP leases can be obtained from the local
DHCP server. Once the tunnel is again active, the local DHCP server stops issuing leases.
Enable the Obtain temporary lease from local DHCP server if tunnel is down check
box. By enabling this check box, you have a failover option in case the tunnel ceases to
function. If you want to allow temporary leases for a certain time period, type the number
of minutes for the temporary lease in the Temporary Lease Time box. The default value is
2 minutes.
DHCP server. Once the tunnel is again active, the local DHCP server stops issuing leases.
Enable the Obtain temporary lease from local DHCP server if tunnel is down check
box. By enabling this check box, you have a failover option in case the tunnel ceases to
function. If you want to allow temporary leases for a certain time period, type the number
of minutes for the temporary lease in the Temporary Lease Time box. The default value is
2 minutes.