I'm using a 3620 running 12.3.16a IP-FW-IDS 3DES code as a IPSec server for a single client, not site to site. The conneciton uses 10 dot addresses inside of a NAT. It uses a pool for the moment like
ip local pool ipsec-51 10.200.51.100 10.200.51.199
and I've found the source of one of my last problems. the 10 dot range is a natural Class A mask of 255.0.0.0. When the client connects, I have to manually change the tcp/ip properties of the Cisco VPN adapter to use class C masking, and the apps begin working.
So, what I want to do is to convert the local pool to a dhcp scope pool so that the mask is correct. But, Isakmp barfs over the dhcp pool
ip dhcp excluded-address 10.200.51.1 10.200.51.99
ip dhcp pool jeffvpn
network 10.200.51.0 255.255.255.0
dns-server 10.200.50.51 10.200.50.41
lease 0 4
and fails not letting the client get an ip address from this new pool.
I tried the same thing on a 3640 12.3.14T7 IPSec same problem. Any ideas?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...