Global settings of IPSec with DHCP
Last adaptation to the version: 12.6.0
New:
- Updated to Redesign of the webinterface
This article refers to a Resellerpreview
Preparations
An IP address range for the network of the selected interface must be available on the DHCP server.
On the UTM, this is configured under Area DHCP Pools.
Further setup instructions in the Wiki article on DHCP.
IPSec DHCP settings
Menu Area DHCP
| Caption | Value | Description | UTMuser@firewall.name.fqdnVPN  Dialog for the global DHCP settings of IPSec clients
|
|---|---|---|---|
| Mode notempty New as of v12.5.0 |
Determines whether DHCP requests are send to a specific server or via an interface as broadcast | ||
| DHCP-Server: Only for mode Server |
192.168.222.1 | Sets a DHCP server address to be used. It can also be a unicast address. For example, to be used with remote DHCP servers that can only be reached via routed networks. | |
| DHCP-Interface: Only for mode Interface |
LAN2 (UTM-Pools: xyz) | Specifies an interface through which DHCP requests from the client are forwarded as a broadcast. If applicable the names of the pools configured under Area DHCP Pools and belonging to a network configured on the interface are displayed. | |
| Static DHCP identity: | Off | For On, a static DHCP client identity and MAC address is generated for each client from its IPSec identity (e.g., certificate DN, EAP identity) to allow static IP addresses to be assigned by the server. | |
| Saves the settings and restarts the IPSec service notempty This will interrupt all existing IPSec connections
| |||