05-30-2012 07:27 AM - edited 02-21-2020 06:06 PM
Hi,
I am wondering if there is a way to influence asa when defining the ip pools without mask for remote access vpn's.
example: if I define a pool like below, only 2 clients can connect to my asa using vpn client.
ip local pool TEST 172.0.0.8-172.0.0.11 mask 255.255.255.252
what if i define a pool like below without mask, will the ASA let 4 clients connect instead of 2 ?
ip local pool TEST 172.0.0.8-172.0.0.11
05-30-2012 07:41 AM
hi
yes with a subnet mask of 252, u will be gettign only 2 hosts
As far as i know u need to add subnet mask while defining pools and is mandatory
If you assign addresses from a non-local subnet, then you will need to add pools that fall on subnet boundaries to make adding routes for these networks easier
Thanks
05-30-2012 07:58 AM
subnet mask is optional atleast in 8.2 code , I have just checked the command reference guide.
05-31-2012 10:08 AM
I have defined the pool with a mask of 255.255.255.255 ( ip local pool TEST 172.0.0.8-172.0.0.11 mask 255.255.255.255 ) instead and ASA assigns the network and broadcast addresses too. But does this have any kind effect on client connectivity ?
06-04-2012 06:05 AM
anyone ???
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide