https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957534#M1011841 <HTML><HEAD></HEAD><BODY><P>Thanks for your reply.</P><P>However, I have successfully added the IP address pool as for the configuration described in my first post.</P><P>I was afraid that it would not have worked as the new address pool was in a different subnet from the subnet of the physical interface of the VPN concentrator and that of the VPN Tunnel default gateway. </P><P>We have added the IP static route on core switches and firewalls to route the traffic to the new IP address pool, the default gateway being the VPN concentrator's (internal)IP address and it has worked!</P><P> </P></BODY></HTML> Mon, 07 Apr 2008 12:45:08 GMT pumpkin06 2008-04-07T12:45:08Z https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957532#M1011834 <P>I need to add a new ip address pool to the VPN concentrator 3015 since we are running out of ip addresses defined in the existent ip address pool.</P><P>its configuration is as follows: </P><P>[ipaddrpool 1]</P><P>rowstatus=1</P><P>rangename=</P><P>startaddr=172.16.3.6</P><P>endaddr=172.16.3.101</P><P>mask=255.255.255.128 </P><P></P><P>here is the private ip address of the VPN concentrator:</P><P>[ip 1]</P><P>enable=1</P><P>address=172.16.3.2</P><P>mask=255.255.255.128</P><P></P><P>here is the Tunnel Default Gateway configuration:</P><P></P><P>[ipglobals]</P><P>deftunnelgateway=172.16.3.1</P><P>rtrDiscEnable=2</P><P>natEnable=2</P><P>natTunnelEnable=2</P><P>syncall=1</P><P>locDefGwPref=1</P><P>redistClients=2</P><P>redistNetExt=2</P><P>synCookies=1 </P><P></P><P>VPN 3015 is configured to assign ip addresses through IP address pools only!</P><P></P><P>If I add the following address pool </P><P>start address: 17.16.3.225</P><P>end address: 17.6.3.254</P><P>subnet mask: 255.255.255.224 </P><P></P><P>Will it work given that the new ip address pool is not on the same vlan (different subnet) as the private interface of the VPN concentrator? If yes, what additional configuration changes are necessary to make this work?</P><P>I do not how to set up the default gateway for the new address pool? Please advise.</P><P>Many thanks in advance</P><P></P> Fri, 21 Feb 2020 09:57:31 GMT https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957532#M1011834 pumpkin06 2020-02-21T09:57:31Z https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957533#M1011836 <HTML><HEAD></HEAD><BODY><P>If the address pool is for the remote vpn client users then make sure that they get the IP's in the same range as the internal network they want to access. Following links may help you</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5505/quick/guide/rem_acc.html" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5505/quick/guide/rem_acc.html</A></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml" target="_blank">http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml</A></P></BODY></HTML> Fri, 04 Apr 2008 16:34:54 GMT https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957533#M1011836 tstanik 2008-04-04T16:34:54Z https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957534#M1011841 <HTML><HEAD></HEAD><BODY><P>Thanks for your reply.</P><P>However, I have successfully added the IP address pool as for the configuration described in my first post.</P><P>I was afraid that it would not have worked as the new address pool was in a different subnet from the subnet of the physical interface of the VPN concentrator and that of the VPN Tunnel default gateway. </P><P>We have added the IP static route on core switches and firewalls to route the traffic to the new IP address pool, the default gateway being the VPN concentrator's (internal)IP address and it has worked!</P><P> </P></BODY></HTML> Mon, 07 Apr 2008 12:45:08 GMT https://community.cisco.com/t5/network-security/adding-a-new-ip-address-pool/m-p/957534#M1011841 pumpkin06 2008-04-07T12:45:08Z