VPN Users to use a different IP Range

Hi all

I have set up an L2TP server for remote VPN clients - initially using the same DHCP Pool as the remote address on the Profile and the Router IP as the Local Address. This all works fine - VPN clients can connect, ping devices on the local network - DNS works, access file shares etc. This is with the VPN Connection Settings on the client set to either use the default gateway on the remote network, or set not to use the default gateway on the remote network - which is our preferred option so we don’t get all internet traffic coming through the VPN.

I would like to change this so that VPN users are on a different IP Range.

If I create a new DHCP Pool - and assign this to the Profile - leaving the local address as the router IP address, then the VPN clients connect and everything works - if the client is set to use the default gateway on the remote network. However, if I turn this setting off - and tell the client not to use the default gateway on the remote network, I lose all connectivity to devices on the local network from a VPN user.

I assume (hopefully correctly) that I need to assign a route to my primary LAN addresses from my VPN IP Pool - but I’m unsure how to do this. Checking the client with and without the use remote gateway setting, it shows an additional route to 0.0.0.0 with a netmask of 0.0.0.0 via the client’s assigned IP address - obviously sending all internet traffic to the VPN connection. Is there a way to tell the VPN client to only send traffic for the main network via the VPN connection?

Thanks in advance!