Address Assignment

DHCP server 1G.G.1.1G

Internet DHCP address

Configuration | Quick | Address Assignment

Select at least one method of assigning IP addresses to clients as a tunnel is established. The methods are tried in the order listed.

1. V Client Specified This method lets the client specify its own IP address.

2 I- Per User assisns H5 addresses on a per-user basis. If you use an authentication server (which you configure next) that has IP addresses configured, we recommend selecting this method.

4. V Configured Pool Range Start |

Range End |

This method uses this device to assign IP addresses.

© 2003, Cisco Systems, Inc. All rights reserved.

In the remote access PC, there are two IP addresses: the NIC address and the virtual IP address. The Concentrator Address Assignment window allows you to define how the remote PC receives the second IP address. There are four possible methods for obtaining the virtual IP address from which you must choose:

■ Client Specified check box—Select this check box to enable the Software Client to specify its own IP address. For maximum security, it is recommended that you control IP address assignments and not use the Software Client-specified IP addresses.

■ Per User check box—Select this check box to assign IP addresses retrieved from an authentication server on a per-user basis. If you are using an authentication server (external or internal) that has IP addresses configured, using this method is recommended.

■ DHCP check box—Select this check box to use a DHCP server to assign IP addresses.

Configured Pool check box—Select this check box to use the Concentrator to assign IP addresses from an internally configured pool.

Authentication

Cisco.com

Cisco VPN 3000 Series Concentrator Client

Cisco.com

Cisco VPN 3000 Series Concentrator Client

Computer Name: BOSTON Domain: Domain BOSTON

© 2003, Cisco Systems, Inc. All rights reserved.

Computer Name: BOSTON Domain: Domain BOSTON

© 2003, Cisco Systems, Inc. All rights reserved.

Before remote users can gain access to the private corporate network, they must be authenticated. Use the Configuration>Quick>Authentication window to define the types of authentication servers:

■ Server Type drop-down menu—Click the drop-down arrow and choose one of the following:

RADIUS—An external Remote Authentication Dial-In User Service (RADIUS) server.

NT domain—An external Windows NT domain server. Use the computer name, not the domain name. If you are unsure of the NT server computer name, refer to Start>Control Panel>System>Network Identification on your PC or ask your network administrator.

Security Dynamics (SDI)—An external Rivest, Shamir, and Adleman (RSA) Security Inc. SecurID server.

Kerberos/Active Directory—Supports authentication to Kerberos/Active Directory, which is the default authentication mechanism in Microsoft Windows 2000 and Windows XP.

Internal server—The internal Concentrator authentication server (a maximum of 100 groups and users).

Authentication Server Address field—Enter the IP address of the Windows NT domain authentication server (for example, 10.0.1.10).

■ Domain Controller Name field—Enter the Windows NT primary domain controller hostname for this server (for example, Boston). Do not use the domain name.

Was this article helpful?

0 0

Post a comment