02-16-2020 10:40 PM - edited 02-21-2020 09:51 PM
Hello,
I had to edit a local address pool for AnyConnect:
old: xxx.xxx.239.5-xxx.xxx.239.240 mask 255.255.255.255
new: xxx.xxx.236.5-xxx.xxx.239.240 mask 255.255.255.255
So this is no problem, but no connection uses the new addresses xxx.xxx.236.5 to xxx.xxx.238.254.
Is there some cache or something similar?
02-17-2020 01:11 AM
Hi,
Change the mask to cover all IP addresses.
Have you created a new IP pool? If so, is it referenced in the Group Policy?
Your configuration should look like this:-
ip local pool VPN_POOL 192.168.14.10-192.168.14.254 mask 255.255.255.0
group-policy POLICY attributes
address-pools value VPN_POOL
HTH
02-17-2020 01:17 AM
Hi,
This has something to do with the local pool lease time. The client will not get a new address until the lease time expires.
Which appliance are you using, and which software?
02-17-2020 01:26 AM
It's a 5525-X with 9.10(1)30.
02-17-2020 02:18 AM
I just checked about the local pool for ASA. It seems the ASA doesn't hold the IP addresses for that long once a session is disconnected, so I'm not sure why you are not getting it.
As advised in the other post, make sure the configuration is fine.
02-17-2020 02:36 AM - edited 02-17-2020 02:42 AM
When I enter "sh ip local pool POOL-XXX", the ASA shows all addresses.
BTW: the pool is in the tunnel-group, not in the Group Policy.
02-17-2020 03:42 AM
clear ip local pool << POOL-NAME>>
Then try a new connection to the VPN.
Please rate useful post
02-17-2020 04:21 AM - edited 02-17-2020 04:24 AM
Would this kill all active connections?
Edit: I don't have this command.
02-17-2020 11:04 PM
Now I see the "new" addresses in use, so it looks like the pool is counting up to the last address and then starting with the first address.
So thanks guys, everything is fine.