Cisco Support Community

ASA "ip local pool" routes not being added

I'm configuring WebVPN on an ASA, and using the "ip local pool" command to define a range of addresses that the clients will be assigned once they VPN in. This IP range is /not/ from any directly connected networks and/or already in the existing routing table.

So although remote users can WebVPN into the ASA with no problem, they can't get anywhere afterwards.

I can add a static route on an internal router to point to the ASA for that subnet, but my gut tells me I should be adding the route as close to the ASA as possible, preferably ON the ASA.

What do I need to do to get the routes for the local pool added to the ASA's routing table? Is this a case for reverse-route injection? (which I'm not as familiar with as I should be, hence the post.) Should I just add it to the internal router for simplicity?

Ultimately this config is going to be put on about 15 ASAs company-wide, so it's important to get right the first time.

Pros/cons would be appreciated. Thanks!

- Neil
