Greetings.
I'm using a 3620 running 12.3.16a IP-FW-IDS 3DES code as a IPSec server for a single client, not site to site. The conneciton uses 10 dot addresses inside of a NAT. It uses a pool for the moment like
ip local pool ipsec-51 10.200.51.100 10.200.51.199
and I've found the source of one of my last problems. the 10 dot range is a natural Class A mask of 255.0.0.0. When the client connects, I have to manually change the tcp/ip properties of the Cisco VPN adapter to use class C masking, and the apps begin working.
So, what I want to do is to convert the local pool to a dhcp scope pool so that the mask is correct. But, Isakmp barfs over the dhcp pool
--------------------
conf t
!
ip dhcp excluded-address 10.200.51.1 10.200.51.99
!
ip dhcp pool jeffvpn
network 10.200.51.0 255.255.255.0
domain-name bciassoc.net
dns-server 10.200.50.51 10.200.50.41
default-router 10.200.51.1
netbios-name-server 10.200.50.50
netbios-node-type h-node
lease 0 4
!
end
--------------------
and fails not letting the client get an ip address from this new pool.
I tried the same thing on a 3640 12.3.14T7 IPSec same problem. Any ideas?
Thanks,
-Jeff