cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
709
Views
0
Helpful
1
Replies

Trusted Network Detection not releasing client address back to the local pool

JonFargo10
Level 1
Level 1

Hello,

 

I have a question for everyone. I have configured trusted network detection in a non-production environment, and basically it is working as advertised. I have found though, that when I move from an 'untrusted' network to a 'trusted' network the ASA never releases the AnyConnect assigned IP address back to the local pool. I no longer see the AnyConnect address on the client but I still see a session on the ASA (verified with 'show vpn-sessiondb detail anyconnect') with no data passing through the tunnel. The output from the command 'show ip local pool XXXXXX' still shows the assigned address in use, when actually it isn't. Has anyone else seen this before? Is this how trusted network detection works? Are there 'timers' or anything configurable that will allow this address to be returned back to the pool?

 

Thanks.

 

Jon

1 Reply 1

JonFargo10
Level 1
Level 1

Hello,

 

If anyone has any thoughts or insights on this, I would be appreciative. 

 

Thanks.

 

Jon