SSTP over a specific network

asked 2022-06-04T15:05:37.847+00:00
Mateusz Bender 36 Reputation points

My SSTP server has two Intranet IP addresses. For simplicity, lets say it's 192.168.1.1 and 192.168.2.1 (with /24 subnets).
Likewise, I have a DHCP server with two Intranet IPs: 192.168.1.2 and 192.168.2.2.

Now, I'd like to have two different scopes depending on if the DHCP client is coming from LAN (192.168.1.X) or SSTP (192.168.2.X). I think I've managed to set up the DHCP fine, but I'm having issues with SSTP.

Is what I'm trying to do possible? I can't seem to restrict the SSTP / Routing and Remote Access to "work" on a specific subnet, it seems... I guess I could just "disable" the 192.168.1.1 IP from the SSTP server, but realistically I'd like to keep it ON that network still...

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
8,143 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. answered 2022-06-04T19:46:26.36+00:00
    risolis 5,921 Reputation points

    Hello @MateuszBender-5444

    Thank you for your post.

    I would like to assist you on this one but I would like to get few details with this statement pls.

    Now, I'd like to have two different scopes depending on if the DHCP client is coming from LAN (192.168.1.X) or SSTP (192.168.2.X). I think I've managed to set up the DHCP fine, but I'm having issues with SSTP.

    Can you elaborate or provide more details about your issue?

    Looking forward to your feedback,

    Cheers,

  2. answered 2022-06-08T07:16:41.077+00:00
    Limitless Technology 37,291 Reputation points

    Hello,

    The issue that you will face in this case is the control of the situation. The client will broadcast on the LAN and will probably accept an offer from the first DHCP server to reply. You would be better off using manual configuration of all machines and forget DHCP.

    DHCP requests use LAN broadcasts. If the client is on the same segment as the DHCP server, the server receives the request directly.

    If the client is on a different segment the request will be received by the DHCP-relay device on that segment. This device is in the same segment as the client. When it relays the request to the DHCP server, the DHCP server knows where the request came from and will hand out an IP corresponding the the subnet in which the request was originally detected.

    But you can try to create a specific Class ID for one or more subnets or groups of workstations.
    So, some workstations can acquire a specific set of IP configuration, just execute the ipconfig command with /setclassid switch to be setup it properly, in each workstation - it can be made by script.

    Show DHCP class ID information at a client computer
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc758890(v=ws.10)?redirectedfrom=MSDN

    Hope this helps with your query!

    ------------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept as answer--