Have you ever wanted to assign a Static IP Address to a Dial-In user on your SBS 2008 or SBS 2011 server and wondered how to do it? Well, until recently this was not something that I had ever had to spend any time thinking about, so had not even tried it myself.
Looking into Active Directory users and Computers there is a handy Dial-In tab on User Accounts where you can set the IP Address up. So having chosen a suitable IP Address that was part of the RRAS IP Range reserved in DHCP for Dial-In users I applied the settings and got the user to test the connection. They somehow received a completely different IP Address to the one I had assigned!
So – this lead me to digging into the only other logical place I could think of that might be causing this to not work properly and that was the VPN Policies.
To get to the Policies, I opened up Routing and Remote Access (under Administrative Tools).
Once opened up, I clicked on the Remote Access Logging & Policies folder. Having selected this folder, I then right-clicked the folder and selected Launch NPS.
This brought up the Network Policy Server window and from there I selected the Network Policies Folder. In the Policies at the top of the list is the General Connection Authorization Policy, so I right-clicked this and chose Properties from the menu option.
On the General Connection Authorization Policy Properties Window – it became immediately apparent why the fixed IP Address I had assigned in Active Directory Users and Computers was not working. Staring me in the face was a check box entitled “Ignore user account dial-in properties” and this was ticked by default, so I unticked the box and clicked the OK button.
I then asked my user to try the VPN again and this time the IP Address that I had assigned them was the IP Address that they received.
So – if you have been scratching your head over this for a while – it is as simple as assigning a fixed IP Address in Active Directory Users and Computers and unticking a check box.
Alan
Filed under: SBS, SBS 2008, SBS 2011, VPN | Tagged: Dial-In, Fixed IP, SBS, SBS 2008, SBS 2011, Static IP, VPN | 3 Comments »
Alan Hardisty's Blog - All Things IT Related 