Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
169
Views
1
Helpful
8
Replies

RAVPN Address Pool changing for two different connections

Go to solution
NetworkMonkey101
Level 1
Level 1

‎01-24-2025 04:09 AM

Hi, 

I have an RAVPN solution deployed at two different sites. They each are supposed to use different address pools but when I change one pool it changes the other.. how do I get around this?

NetworkMonkey101_0-1737720185486.png

Site 1

NetworkMonkey101_1-1737720216251.png

NetworkMonkey101_2-1737720370701.png

The address pool for site one should be 192.168....

Site 2

NetworkMonkey101_3-1737720436405.png

 

The address pool for site 2 should be 10.116.89.16 - 253 when I change it in the site two configuration it changes the site 1 also..

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to NetworkMonkey101

‎01-24-2025 04:35 AM

We start with pool and now we end to change all VPN.

Friend add new vpn profile totally new abd use new object for new VPN pool.

In some point the fmc use same vpn config for both ftd sites

MHM

View solution in original post

0 Helpful
8 Replies 8

Go to solution
MHM Cisco World
VIP
VIP

‎01-24-2025 04:11 AM

That must not happend unless you deploy change to group not to standalone ftd.

MHM

0 Helpful

Go to solution
NetworkMonkey101
Level 1
Level 1
In response to MHM Cisco World

‎01-24-2025 04:14 AM

Just thinking would I need to create a new group policy instead of using the same for both sites?

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to NetworkMonkey101

‎01-24-2025 04:17 AM

Sure correct.

In end fmc push config to both site ftd' if yoh use same object-group then fmc will push same pool to both site ftd.

MHM

0 Helpful

Go to solution
Rob Ingram
VIP
VIP

‎01-24-2025 04:17 AM - edited ‎01-24-2025 04:18 AM

@NetworkMonkey101 it looks like you are referencing the same IP address pool object? Create a different IP address pool and reference the new address pool on the connection profile.

Alternatively if you want to use the same address pool object, you could use the "allow overrides" option and define a different address range per appliance.

0 Helpful

Go to solution
NetworkMonkey101
Level 1
Level 1
In response to Rob Ingram

‎01-24-2025 04:22 AM - edited ‎01-24-2025 04:24 AM

Hi Rob, I change to pool at site 2 within the connection profile and site 1 is also change at the same time.. I think it's because I am using the same profile for each one, will test and update. Thanks!

Go to solution
Rob Ingram
VIP
VIP
In response to NetworkMonkey101

‎01-24-2025 04:29 AM

@NetworkMonkey101 yes.

Even if you are using the same object you can use the "Allow override" option and apply the different IP range to different FTDs. https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/vpn-remote-access.html

 

0 Helpful

Go to solution
NetworkMonkey101
Level 1
Level 1

‎01-24-2025 04:32 AM

So I have create another group policy and set the IP pool within it but when in the connection profile if I set the address pool it over writes the other site still...

NetworkMonkey101_0-1737721903260.png

NetworkMonkey101_1-1737721924090.png

 Whatever I set it to above overwrites the other..

 

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to NetworkMonkey101

‎01-24-2025 04:35 AM

We start with pool and now we end to change all VPN.

Friend add new vpn profile totally new abd use new object for new VPN pool.

In some point the fmc use same vpn config for both ftd sites

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card