Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IP addressing; client cannot obtain; DHCP

Hello,

VPN 3000 4.0rel with XP SP2 clients. "Use assigned address pools" is checked and I've created an address pool of 25 IPs.

After a user gets disconnected due to "IKE lost contact, keepalive..." the user cannot reconnect because of the "cannot obtain IP address" error.

Question: if not instantly, how long does it take for the PIX to release an IP address of a disconnected client? It's not the case that it never releases since that would mean after several days no one would be able to log in, so it disqualifies the CSCed22637 bug (Pool addresses marked as externally in use are never re-enabled).

Any insight appreciated!

1 REPLY
Bronze

Re: IP addressing; client cannot obtain; DHCP

I think that the PIX should release the IP address as configured when the client is disconnected. However the address may not get released if the crypto association is still there. You can check it by using command show crypto ipsec sa. I think using PPTP may help you. Following link may help you

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml

113
Views
0
Helpful
1
Replies
CreatePlease to create content