Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
258
Views
0
Helpful
3
Replies

Pix 525 with VPN client how to use IP pool from ACS

mlheureux
Level 1
Level 1

‎10-03-2002 01:02 PM - edited ‎02-21-2020 12:06 PM

I am able to use my pix to assign ip address to vpn client with command

isakmp client configuration address-pool local vpnclientIpPool outside or

vpngroup XXX address pool XXX .

But how do you use the ACS IP pool server? If you remove the previous command from the pix it doesn`t work.

Christian Heroux

Labels:
0 Helpful
3 Replies 3

Nairi Adamian
Cisco Employee
Cisco Employee

‎10-03-2002 08:08 PM

There is no option on the pix to assign address from ACS pool, only local pool can be used.

Hope this helps,

-Nairi

0 Helpful

mlheureux
Level 1
Level 1
In response to Nairi Adamian

‎10-04-2002 05:18 AM

Thanks a lot Nairi !

I have been fighting with that option in my lab for a while. There are any other function that would work?

I will try in my lab to use the ACS to specify which aaa client local pool to use in my client. I was also planning to try the static IP address. Should they work with the pix and vpn architecture?

In a user configuration There is an option "Client IP Address Assignment ->Assigned by AAA client pool XXXX" and also another field "Assign static IP address XXXX"

Christian Heroux

0 Helpful

Nairi Adamian
Cisco Employee
Cisco Employee
In response to mlheureux

‎10-04-2002 09:07 PM

The pix can only assign address to vpn client using the local pool on the pix iteself.

The options for pool on the ACS server can be used in other cases for example dialing in to a router.

hope this helps

-Nairi

0 Helpful
Customers Also Viewed These Support Documents