Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
932
Views
0
Helpful
2
Replies

how asa handle ip address conflicts with vpn's ip local pool

strou
Level 1
Level 1

‎02-25-2009 07:38 AM - edited ‎02-21-2020 03:19 AM

Hi!

I wonder how asa handle ip address conflicts with vpn's ip local pool.

I can't find anything regarding that topic?

Steve

0 Helpful
2 Replies 2

Ivan Martinon
Level 7
Level 7

‎02-26-2009 09:05 AM

The ASA should be smart enough to avoid using the same ip address at the very same moment, after the ip address has been released by any vpn client, it has the "reuse-delay" parameter to find out how long it have to wait to use it after it has been released:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/uz.html#wp1570836

0 Helpful

yuri_slobodyanyuk
Level 1
Level 1

‎03-01-2009 11:43 AM

I haven't tested for address conflicts but know ASA installs route to ip assigned to VPN user from local pool with bitmask 32 and outgoing interface as outside (if users connect to outside). So logically would be to think more specific route to VPN user wins over network address with less bits in mask (configured say on LAN interface in ASA).

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card