Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN client address allocation

Is there a "best" way to manage IP addresses handed to VPN clients?

If you had your choice, which method would you choose: DHCP relay, address pools, etc.?

What are the pros and cons?

I am trying to find the most reliable and easiest-to-manage method.


New Member

Re: VPN client address allocation

The best way is that you are responssible for VPN clients address, so that you are not using real addresses on remote site.

Now, which method to use depends of the infrastructure that you have. You can use pools from your network device or even better from your radius server, if you have one.

What is the main feature here for me: You need ip addresses that you know exactly which group has it and that you know immediately that those IPs are from VPN clients.

New Member

Re: VPN client address allocation

Thanks very much for the valuable information. I have noticed on the forum some talk about using a RADIUS server to manage VPN IP addresses.

Do you know if an MS Radius server will work for this task or does it have to be a Cisco ACS server?

Thanks much!

CreatePlease to create content