Am running a TZ-170 enhanced OS here at the office with static internal ip addresses. I have a block of 5 addresses set up for the TZ-170 to use as a DHCP. When I set up a VPN from home using the Sonic VPN client it will not connect and assign a "virtual ip address" unless I first log into the TZ-170 over the WAN and clear out the 5 ip "leases" even though there is nothing on the network actually connected with those ip"s. If I clear out the leases I am able to get right in. What can I do to correct this? Thanks for the help!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
TZ-170 Enhanced Virtual ip problem 1
- Thread starter s73880b
- Start date
s73880b
I am at a loss - let me see the 5 DHCP leased addresses are not bieng used by anything - Not even printers yet when you go into the TZ170 they are leased out.
If this is so then you need start tracing down where these address are bieng assigned and correct that problem first.
If I am wrong then you can set how long you want to have the address leased out - my is currently set to 8 hrs. this will auto delease(is there such a word) the addresses once everybody goes home - even if they leave thier PC on. But the main problem is if the leave them on they will just get the same address backfor another 8 hrs this is why we make it maditory to shut down all PCs.
or you can just boost the number of Dynamic IP addresses.
b
I am at a loss - let me see the 5 DHCP leased addresses are not bieng used by anything - Not even printers yet when you go into the TZ170 they are leased out.
If this is so then you need start tracing down where these address are bieng assigned and correct that problem first.
If I am wrong then you can set how long you want to have the address leased out - my is currently set to 8 hrs. this will auto delease(is there such a word) the addresses once everybody goes home - even if they leave thier PC on. But the main problem is if the leave them on they will just get the same address backfor another 8 hrs this is why we make it maditory to shut down all PCs.
or you can just boost the number of Dynamic IP addresses.
b
-
1
- #3
SonicWALLInstructor
IS-IT--Management
Hi s73880b First this is a community of friendly human techs, so if you can share your first name with us it will let us know you are human also(hehe).
Anyway, DHCP is a "IP leasing agent" and will not allow another to "lease" an IP in it's range until the PC gives the lease up. So even if the PC is not using it DHCP will not assigned it to another PC until the lease is up, by default DHCP lease times on the SonicWALL is 1440 minutes. In a more mobile network this can pose a problem. A good solution is to lower the "lease time to maybe a work day instead of a month"
Also as rphips mentioned above you can increase the DHCP scope ip range to maybe 10.
I suggest you do both if you can
Roger White CISSP, CISA, CISM, GSEC
Certified SonicWALL Instructor
Certified Security Architect and Auditor
SonicWALL Curiculum Developer and Senior Trainer
SonicWALL Academy
(718)450-8127
Anyway, DHCP is a "IP leasing agent" and will not allow another to "lease" an IP in it's range until the PC gives the lease up. So even if the PC is not using it DHCP will not assigned it to another PC until the lease is up, by default DHCP lease times on the SonicWALL is 1440 minutes. In a more mobile network this can pose a problem. A good solution is to lower the "lease time to maybe a work day instead of a month"
Also as rphips mentioned above you can increase the DHCP scope ip range to maybe 10.
I suggest you do both if you can
Roger White CISSP, CISA, CISM, GSEC
Certified SonicWALL Instructor
Certified Security Architect and Auditor
SonicWALL Curiculum Developer and Senior Trainer
SonicWALL Academy
(718)450-8127
- Thread starter
- #4
Thanks for the input. I have one more question. Right now on my internal LAN I have a IP range of 206.94.181.1 through 206.94.181.60 (using .30 for my TZ-170 gateway). I have the internal subnet set at 255.255.255.192. I have static ip addresses set up for all of the client stations (it is required to access our in house ADP System). As it stands I only have 5 additional ip addresses (206.94.181.51 through .55) available. If I wanted to add additional ip addresses up to 206.94.181.75 (making 206.94.181.61 through 206.94.181.75 available to Dynamically Assign) do I need to go through the inital set up wizard again? I tried just go to network>DHCP and add the new dynamic range but it didn't work. Will the subnet 255.255.255.192 need to change also? What is odd is that when I started to go through the wizard it looked like it had old settings from our previous ISP yet when I go to network>interfaces I do not have the option to put in a ip range. I hope this makes sense. Thanks, Art
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question