Re: DHCP on Solaris: How to renew lease when VPN is active

I am reviving this thread with some additional information.

The problem is that the IP lease is NOT being renewed before the
expiry, IF VPN is running. Let me explain step-by-step, together with
what snoop shows.

1. If I reboot the machine, DHCP works, an IP is obtained. Hostname is
set to unknown, but there's a startup script that fixes this. The lease
is issued for 24 hours, and renew time is set to 12 hours (plus or
minus some random value).

SNOOP:: OLD-BROADCAST -> BROADCAST DHCP/BOOTP DHCPREQUEST

2. If after a few minutes, I issue "ifconfig hme0 dhcp extend" command,
the lease is extended to 24 hours, starting from now. This is fine.

SNOOP:: n1-n2-n3-n4.dsl.static.ISP.net ->
n5.eth_n6.dhcp.dsl-gw_n7.City.ISP.net DHCP/BOOTP
DHCPREQUEST

(where n1.n2.n3.n4 is my previously obtained ip address; n5, n6, n7,
City and ISP are specific to ISP).

3. I start VPN in the following way.

Command: /usr/local/bin/open_tunnel -d hme0 vpn.Company.COM USERID@vpn
Enter the Shared Key for USERID@vpn : <shared key typed>
Enter the PAP Authentication Secret for USERID@vpn : <PAP typed>
Enter the RADIUS Password for USERID@vpn : <Password typed>
Tunnel open for "USERID@vpn" as "IP1" to "IP2"

Where both IP1 and IP2 are distinct ip addresses.

Once VPN is running, this machine can ONLY connect to employer's domain
(telnet / rsh / ping etc work only for machines in Company's domain). I
suppose this is from a security point of view, and is the whole point
of VPN.

If I now issue a DHCP extend command, nothing happens. Lease is not
extended, and, in fact, snoop shows that no requests were issued. In
fact, at this point, even nslookup does not work.

As a result, VPN runs fine until DHCP lease expires. Once the lease
expires, VPN tunnel closes, and VPN connection is lost. After this,
DHCP automatically renews the lease.

So, I have a catch 22! To keep VPN running, I need to renew the lease,
but if VPN is running, the lease can not be renewed. I would appreciate
any guidance in this issue.

Thanks in advance for your suggestions.

Bhoot Nath

.

Relevant Pages

  • Re: DHCP Address Lease Pools fills up max allocation
    ... I understand that you get many lease ... this is mostly cause by you enable multiple VPN ... Restart the SBS to take effect. ... Please open Routing and Remote Access console on SBS thru run command ...
    (microsoft.public.windows.server.sbs)
  • Re: DHCP on Solaris: How to renew lease when VPN is active
    ... > The problem is that the IP lease is NOT being renewed before the ... If I reboot the machine, DHCP works, an IP is obtained. ... I start VPN in the following way. ... > If I now issue a DHCP extend command, ...
    (comp.unix.solaris)
  • Re: ip changed after sometime using dhcp
    ... >makes my ssh die. ... >correct or is the common way of DHCP. ... reasons for increasing the lease. ... Maybe there's a vpn solution that could work for you. ...
    (Debian-User)
  • Re: IP conflict in my network
    ... If a lease was to run out while a pc was turned off and then ... Below is a url to dhcp guide ... and use a software VPN to connect to work. ... turn off the computer and the router (Linksys BEFSX41, ...
    (comp.security.firewalls)
  • Re: DNS and NetBIOS names not resolving over a PPTP VPN using RRAS
    ... whatever DNS and WINS wettings are on the VPN server will be inherited ... by all VPN clients. ... with the DHCP Relay Agent. ...
    (microsoft.public.windows.server.networking)