cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1817
Views
0
Helpful
4
Replies

ip pool for Remote Access VPN's

Hi,

I am wondering if there is a way to influence asa when defining the ip pools without mask for remote access vpn's.

example: if I define a pool like below, only 2 clients can connect to my asa using vpn client.

ip local pool TEST 172.0.0.8-172.0.0.11 mask 255.255.255.252

what if i define a pool like below without mask, will the ASA let 4 clients connect instead of 2 ?

ip local pool TEST 172.0.0.8-172.0.0.11

4 Replies 4

Suresh Varghese
Level 1
Level 1

hi

yes with a subnet mask of 252, u will be gettign only 2 hosts

As far as i know u need to add subnet mask while defining pools and is mandatory

If you assign addresses from a non-local subnet, then you will need to add pools that fall on subnet boundaries to make adding routes for these networks easier

Thanks

subnet mask is optional atleast in 8.2 code , I have just checked the command reference guide.

I have defined the pool with a mask of 255.255.255.255 ( ip local pool  TEST 172.0.0.8-172.0.0.11 mask 255.255.255.255 ) instead and ASA assigns  the network and broadcast addresses too. But does this have any kind effect on client connectivity ?

anyone ???

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: