cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
378
Views
5
Helpful
7
Replies
Ibrahim Jamil
Frequent Contributor

2 address pools

Hello folks

can i have 2 pools each with diifferent subnet

let say pool-1 (172.16.30.0/24)

          pool-2 (172.16.31.0/24) i wanna put restricution on remote vpn users having address from pool-2,and just give them access to 172.16.10.0/24,

is it possible on the asa 5510?is so how u do it?

thanks for any help

7 REPLIES 7
PAUL GILBERT ARIAS
Contributor

For the same remote access vpn you can't but you could create a second remote access vpn named differently and use the new pool. That way users can select which vpn they could use

Sent from Cisco Technical Support iPhone App

Hi

1)How you configure second vpn with second pool

2)what about the restriction on the 2nd pool, i want second pool to access specific address

3)we have acs can we create these 10 users on acs an perform downoable access-list

tj.mitchell
Enthusiast

You could use the DAP for this or if you are going to create a new VPN group for this, you could also inside the group policy create a filter list and only allow the systems you want the users to access.

Sent from Cisco Technical Support iPhone App

hi

can u tell me how?

create another ip local pool for VPN users

then create a new group-policy that references this new address pool..

then create a new tunnel-group that uses the group policy as the default group policy.

You can then put all your regular normal stuff under the new group policy such as authentication, dns and domain information or if you put anything else under the policies.

Don't forget to add it to the nonat lists as well.

Patrick0711
Participant

Just create separate tunnel-groups/group-policies, have the group policy reference the separate IPpools, impose vpn-filters on group policy you want to restrict.

Or an even easier solution would be to simply use a single IP pool, assign a framed IP address to users, and set up VPN filters to filter that specific framed IP address.

hi Patrick

how to configure the below,Please provide configuration exaple for that

Or an even easier solution would be to simply use a single IP pool, assign a framed IP address to users, and set up VPN filters to filter that specific framed IP address.

Create
Recognize Your Peers
Content for Community-Ad