Who is the DHCP server? If the DHCP server is the firewall itself it's not possible. The DHCP server must be another server directly attached to the firewall.
Many thanks for your answer and sorry for my delay.
In my configuration, The DHCP server is the FW itself. Do you konw why it can't Work?
Do you mean by this that in theory it could be possible but this feature has not been implemented?
So what i did, i created a specific pool on my asa which has nothing to do with my LAN DHCP Range but i noticed that i could not assign a gateway to this pool. Can you confirm that i can't provide a gateway to this static pool. Imagine now that i begin to use this pool, how would i route the packet from this pool to my LAN scope or Internet, for example, without a default-route?
Yes its 'possible' for sure but not implemented.
Makes no sense (to me) actually, if you need to give IP from the ASA, why use the 'DHCP' option, just make a POOL on the ASA! You can assign the other common DHCP pushed options like dns server, domain etc. from the VPN group-policy anyway.
Many thanks for your answer. I understand what you mean. But if i create a pool, how can i manage to make the host, which has been assigned an ip from this pool, communicate with my lan devices as it will be in a different subnet. I didn't find a way to provide my new pool with a default gateway.
You don't have to worry about that. If the LAN users don't know how to reach the VPN client pool you can add a route manually for the whole pool or you can use reverse route injection for that.
My lan subnet starts from 192.168.0.1 TO 192.168.0.14 255.255.255.240.
My dhcp scope in this subnet starts from .1 to .9; the last adresses are for manual assignment (.10 up to .14).
if i create a pool for my vpn ssl clients, does it have to be in a different subnet (for example (192.168.0.16 to 192.168.0.31 /28) or in the same LAN subnet?
I tried to create a pool of two addresses picked up from my current lan subnet (192.168.0.10 and 192.168.0.11), the original error message disappeared, and the vpn ssl connection was established. But if i do a ipconfig /all i realise that the default gateway for this pool is 192.168.0.9. Moreover, i can not access any application in my LAN. Can you tell me why? During the creation of this pool, asdm never asks me for a gateway to provide?
Otherwise if i need to create a static route i need to attach it to one of my interfaces outside, inside, dmz. Which one should i use?
You can make a pool from the same subnet as your inside interface, no issues with that. The default gateway you see is normal. The IP is used as the default gateway because all traffic has to come back to the ASA (VPN server). You don't need a default gateway in the pool.
How is your split tunneling policy?
Is the inside interface of the firewall reachable to your whole network? (The subnet which the pool is part of).