DHCP and PPTP Server - WINS and DNS Server Specification

Starting with software version 5.0.20090521, the DHCP and PPTP servers on InstaGate Firewalls are now able to supply DNS and WINS addresses in the DHCP assignment to PCs requesting a new IP address. This should help to eliminate the need to manually specify these addresses on each PC, and will help to better integrate PPTP clients to the internal network.

DHCP and PPTP, if enabled must be configured individually - this allows for specifying seperate WINS and DNS information to internal vs. external clients when necessary.

To configure DHCP, browse to the Network menu, and select Local Network (LAN) from the list. Check the Enabled box next to DHCP server to access the DHCP configuration.

Starting and Ending IP Address - These two options define the range of IP addresses that will be handed out to PCs requesting a DHCP lease. It is important to ensure these IP addresses fall within the subnet defined for the LAN IP address. The starting address must be lower than the ending address, and you should ensure the range of IP addresses supplied does not conflict with any statically assigned devices on your network.

DNS IP address - This option allows you to specify an alternative DNS server to DHCP clients. By default, this will be the LAN IP of the InstaGate, change this value to the desired DNS server IP address to be handed out to clients. This value may be a public IP address such as your ISP's DNS Server if desired.

WINS IP Address - This option allows you to specify an alternate WINS server for DHCP Clients to resolve internal network hostnames and workgroups. By default, the WINS address will be left blank, in which case the individual PC will either make WINS broadcast requests, or request the data from it's defined Gateway IP (the LAN IP of the InstaGate in this case). This option will allow you to specify a specific WINS IP address if you have a computer or server acting as your WINS Master Server. This should not be a public IP address, and must be directly accessible from PCs on your LAN.

To access the PPTP Server configuration, go to the Firewall menu, and choose the option PPTP VPN. For the InstaGate to act as the PPTP Server, you must select the Server radial option. The Passthrough option will direct all PPTP traffic to the IP address you specify, and the following options will not be available on the InstaGate.

First and Last IP Address - These settings are analogous to the Starting and Ending IP Addresses described above in the DHCP configuration. You must choose a range of IP addresses that 1) are within the InstaGate's Local Network subnet, and 2) do not conflict with the DHCP range or any other IP addresses on your internal network. To specify just one IP address for PPTP connections, simply enter the same IP address in both fields.

DNS IP Address - The IP address specified here will be supplied to the incoming PPTP client. This is useful for allowing PPTP Clients to browse machines on your internal network when a DNS-based directory controller is in use. Note that the PPTP Client chooses what DNS server IP address to use, and the client configuration may override this option. This IP will default to the InstaGate's LAN IP. Note that a public IP may be used here, such as your ISP's DNS server

WINS IP Address - The IP address specified here will be supplied to PPTP clients for WINS name resolution. This IP address is optional, when supplied it may allow incoming PPTP clients to browse the local WINS names and workgroups of your internal network. This should be an internal IP address, and should be the IP address of a computer or PC acting as a WINS Master server.

For more help configuring PPTP VPN on InstaGate firewalls, please consult the InstaGate PTPP VPN Guide (PDF)

Due to the complexity of network and IP configuration, this article will not go into details of specific issues that may arise from these configuration options. Please refer to the eSoft Knowledge Base or contact technical support