Understanding Sidewinder client address pools
Address of the firewall
Protected networks
The client does not need to define a virtual IP for use in the VPN connection, nor do they need to concern themselves with DNS issues on the trusted network.
In addition to simplifying the configuration process for your clients, client address pools give you the ability to place additional controls on VPN clients.
You can allow or restrict access on a client address pool basis.
For example, assume you create two client address pools. Client associations initiated from pool A might be granted access to cer- tain networks that are off limits to clients from pool B.
You can allow or restrict access on a client basis.
This is done by assigning a specific IP address within a client address pool to a specific user. By creating a network object for that IP address, you can then use the network object in an ACL entry to allow or restrict the client’s access to additional services.
IMPORTANT: Client address pools are most useful when implemented in a VPN association between Sidewinder and clients or gateways whose IP addresses are assigned dynamically. Client address pools are not typically used in VPN associations between two peers that contain static IP addresses.
For more detailed information on client address pools, see the Sidewinder Administration Guide.
Planning Your VPN Configuration