I'm currently testing an ASA 5520 to provide remote access to a network via IPSec. Everything is working fine, and when the clients connect to the ASA via IPSec, they get an IP address assigned from a DHCP server on the inside network. IP address assignment is working fine, but I've noticed that the subnet mask that is displayed when I run 'ipconfig' is incorrect. Instead of showing a subnet mask of 255.255.0.0, which is what it should be, I am seeing 255.0.0.0. What controls this subnet mask? I would have expected 255.255.0.0, or maybe even 255.255.255.255. I know the DHCP server is working properly, and VPN clients are working just fine, but I'm curious why the subnet mask is wrong.
For what's worth, the VPN 3000 that this ASA will be replacing is setup with the exact same configuration, and when I IPSec into the VPN3000, I see the proper subnet mask.
Does anyone know why the subnet mask would be showing up incorrectly? Even though it is technically working, I'm concerned that maybe I may have overlooked something.