Getting Started With VPN Settings in Access Server

Access Server dynamically assigns IP addresses to users by default, similar to an internal DHCP system. The default subnet for new servers is 172.27.224.0/20, but you can modify this by adjusting the Network Address and Netmask bits fields.

Dynamic IP addresses change with each session. When users connect, they are assigned an available IP address within the subnet, which may vary between connections.

Avoid assigning the same IP and subnet to your VPN if your internal network uses a subnet (e.g., 192.168.0.0/16). Use the Static IP Address Network along with the User Permissions page for users requiring a static IP address.

Find more details on IP addresses here: Static IP Address.

You can configure remote user access to private subnets in the Routing section. Depending on your network needs, this can be achieved using either NAT or routing.

For more, see:

Split tunneling controls whether all internet traffic or only private subnet traffic is routed through the VPN.

To enable split tunneling, set "Should client internet traffic be routed through the VPN?" to No. Then, you will need to define the private subnets your clients need access to.

For more, refer to Understanding How Split Tunneling Works with Access Server.

You can configure specific DNS servers for clients in the DNS Settings section. This feature is handy if you manage private DNS servers for added security or easier access to internal systems.

Set "Have clients use specific DNS servers" to Yes, and enter the addresses of your preferred DNS servers.

For more, see:

You've reviewed key configuration settings for your VPN. You can also consider setting up a hostname and adding users, as well as security steps: