Highlighted
Beginner

AnyConnect: editing IP address pool

Hello,

I had to edit a local address pool for AnyConnect:

old: xxx.xxx.239.5-xxx.xxx.239.240 mask 255.255.255.255

new: xxx.xxx.236.5-xxx.xxx.239.240 mask 255.255.255.255

So this is no problem, but no connection uses the new addresses xxx.xxx.236.5 to xxx.xxx.238.254.

Is there some cache or something similar?

Highlighted
VIP Mentor

Hi,

Change the mask to cover all IP addresses.

Have you created a new IP pool? If so, is it referenced in the group policy?

Your configuration should look like this:

ip local pool VPN_POOL 192.168.14.10-192.168.14.254 mask 255.255.255.0

 group-policy POLICY attributes
 address-pools value VPN_POOL

HTH
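The mask check suggested in the reply above, as an added example that is not part of the original thread: it computes the smallest subnet mask under which the first and last pool address share one subnet and tests a configured mask against it. The `10.10.` prefix stands in for the octets the poster masked as `xxx.xxx.`, and the function names are hypothetical.

```python
import ipaddress


def covering_network(first: str, last: str) -> ipaddress.IPv4Network:
    """Return the smallest IPv4 network containing both ends of a pool range."""
    lo = ipaddress.IPv4Address(first)
    hi = ipaddress.IPv4Address(last)
    if int(lo) > int(hi):
        raise ValueError("pool range is reversed: %s-%s" % (first, last))
    # Bits that differ between the two ends must all be host bits.
    host_bits = (int(lo) ^ int(hi)).bit_length()
    prefix = 32 - host_bits
    return ipaddress.IPv4Network("%s/%d" % (lo, prefix), strict=False)


def mask_covers_pool(first: str, last: str, mask: str) -> bool:
    """True if `mask` puts the first and last pool address in the same subnet."""
    net = ipaddress.IPv4Network("%s/%s" % (first, mask), strict=False)
    return ipaddress.IPv4Address(last) in net


def check_pool(first: str, last: str, mask: str) -> dict:
    """Summarise whether the configured mask covers the range, and what would."""
    needed = covering_network(first, last)
    return {
        "range": "%s-%s" % (first, last),
        "configured_mask": mask,
        "covers_range": mask_covers_pool(first, last, mask),
        "smallest_covering_mask": str(needed.netmask),
        "covering_network": str(needed),
    }


if __name__ == "__main__":
    # Constructed sample values modelled on the pools quoted in the thread.
    pools = [
        ("10.10.239.5", "10.10.239.240", "255.255.255.255"),      # old pool
        ("10.10.236.5", "10.10.239.240", "255.255.255.255"),      # new pool
        ("192.168.14.10", "192.168.14.254", "255.255.255.0"),     # reply's example
    ]
    for first, last, mask in pools:
        print(check_pool(first, last, mask))
```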

Highlighted

Hi,

This has something to do with the local pool lease time. The client will not get a new address until the lease time expires.

Which appliance are you using, and which software?

Highlighted

It's a 5525-X with 9.10(1)30

Highlighted

I just checked the local pool for the ASA; it seems the ASA doesn't hold the IP addresses for that long once a session is disconnected, so I'm not sure why you are not getting it.

As advised in the other post, make sure the configuration is fine.

Highlighted

When I enter "sh ip local pool POOL-XXX", the ASA shows all addresses.

BTW: the pool is in the tunnel-group, not in the group policy.

Highlighted

clear ip local pool << POOL-NAME>>

Then try a new connection to the VPN.

Please rate useful posts

Highlighted

Would this kill all active connections?

Edit: I don't have this command.

Highlighted

Now I see the "new" addresses in use, so it looks like the pool counts up to the last address and then starts again with the first address.

So thanks guys, everything is fine.