This might be different and Googling around hasn't turned up a lot of useful clues. Here's the setup I need, I think:
- The broader environment already has a DHCP deployment. I can't use it for what I'm after.
- One new DHCP server, Debian Jessie.
- I have a series of VPN appliances that people log into, all within a specific /24 on their internal interfaces, e.g. 10.100.50.0/24.
- Our VPN vendor allows you to designate a FQDN or IP as your DHCP server for your remote VPN clients or you can use predefined static IP pools. I've had static pools and now want a single DHCP server for hundreds of users.
- So process wise, users log into the VPN, auth to AD through it, the VPN asks the DHCP server for an IP, and that gets assigned to the remote user who is then "on" the office network.
- I want to designate that new Debian DHCP server just for our VPN users.
- I want to ensure that there's 0.00% possibility of other DHCP queries landing on it, except from 10.100.50.0/24.
So, I've never setup a DHCP server before (oddly) but it seems pretty simple, and the VM I'm building can scale fine to an order of magnitude at least bigger than I need. I'm seeing you can do MAC filtering, but nothing obvious about IP range filtering. I'm suspecting I need to just limit the DHCP server to the 10.100.50.0/24 range and I'm golden.
What's the best tactic here? IPtables on the Debian host? A setting in the DHCP configs I'm missing on docs?
[link][4 comments]