cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2773
Views
0
Helpful
2
Replies

AnyConnect ip pool change

geotech333
Level 1
Level 1

Hi all,

I am still not proficient with the ASA as I would like to be.

I have inherited an ASA with an AnyConnect IP Pool 192.168.6.1 - .254. Now currently the address pool is on the same VLAN as the inside interface, 192.168.0.20/21. Now that whole VLAN includes the range of 192.168.6.x but with a /21.

Is it possible to edit the AnyConnect IP pool as something other than the same VLAN as the inside interface? Let's say I would like to change it to 10.110.6.0/24.

If so, since our ASA is also running OSPF, i assume I would need to add the new IP pools network to OSPF as well?

Hopefully you can understand my question.

Thanks in advance.

1 Accepted Solution

Accepted Solutions

edadios
Cisco Employee
Cisco Employee

You can assign the ip pool that you want for the client.

Just ensure to also edit the nat 0 access-list associated with it, and if you are also doing any split tunneling acl. And yes, you have to manage the routing so that the pool address is sent  back to the firewall.

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect25/administration/guide/ac02asaconfig.html#wp1083010

Regards,

View solution in original post

2 Replies 2

edadios
Cisco Employee
Cisco Employee

You can assign the ip pool that you want for the client.

Just ensure to also edit the nat 0 access-list associated with it, and if you are also doing any split tunneling acl. And yes, you have to manage the routing so that the pool address is sent  back to the firewall.

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect25/administration/guide/ac02asaconfig.html#wp1083010

Regards,

Thanks so much for the document.

I will give it a shot.