- 2 VPN 3030 Servers (3.6.7f code)
- Clients: 3.63+ (Win2k/XP)
- 2 AIX 4.3.3 Servers ML 11 running dhcpsd daemon
- Clients from home connect to vpn server which then get an address from a dhcp server for client after authentication.
- Concentrator setup with :
Under User Mangement | Group Setup | Client Config: Intercept DHCP Message isn't checked off.
Almost once a week we have a problem with the dhcp daemon not able to hand out new addresses from the vpn subnet to vpn users coming in. Addresses are still being handed out for other subnets no problem (ie. local lan subnets). We notice that addresses in the vpn subnet seem to go into a 'RESERVED' status (even though there are over 1500+ addresses and only 300 users on at the time ... 90% of the addresses show as being RESERVED) basically we end having to recycle the daemon.
This is a Cisco VPN concentrator problem I believe, since we have shiva vpn servers as well, and never have problems with that subnet. Our dhcp server otherwise are in very good health.
Question: Has anyone else seen this type of problem ?