VPN Adapter IP config

Unanswered Question
Mar 16th, 2007
User Badges:

When I connect to the pix 515 from home using VPN client 4.8 and look at the IP config of the Cisco Systems VPN Adapter on my laptop this is the config

IP Address....10.1.2.40

Subnet Mask...255.0.0.0

Default Gateway.. 10.0.0.1

the IP comes from the

ip local pool ippool 10.1.2.1-10.1.2.254

Where is it getting the submask and default gateway info I do not see anything in my PIX config other than the ip local pool statement and how does it work with that default gateway?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
acomiskey Fri, 03/16/2007 - 19:11
User Badges:
  • Green, 3000 points or more

You cannot define the mask, it goes by class, 10.=/8, 172.=/16, 192.=/24. I always thought that the dg was the same as your ip.



Kamal Malhotra Sat, 03/17/2007 - 20:14
User Badges:
  • Cisco Employee,

Hi,


As a matter of fact you CAN define the subnet mask on the PIX. If you don't configure the subnet mask with the pool then it picks the deafult mask of the class. The default gateway of the client (once connected) is the pool IP assigned to the client.


This is how you configure the subnet mask with the pool :


6.3 version:


http://www.cisco.com/en/US/customer/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1027172


7.x version :


http://www.cisco.com/en/US/customer/products/ps6120/products_command_reference_chapter09186a00805fd87d.html#wp1648293


HTH,


Please rate if helps.


Regards,


Kamal

servnj Sun, 03/18/2007 - 03:07
User Badges:

Ok, you said that "The default gateway of the client (once connected) is the pool IP assigned to the client." but if you look at my default gateway it is not the same subnet.

kaachary Sun, 03/18/2007 - 13:26
User Badges:
  • Cisco Employee,

Hi,


The default behavior for VPN client gateway assignment was changed since version 4.8.02.XX

. It will now take the first available ip address in thte range as the default gateway. Sicne, the subnet mask you are using is 10.0.0.0/8, it will take 10.0.0.1 as the default gateway.


This doesn't affect the overall routing though.


*Please rate if helped.


-Kanishka

Actions

This Discussion