11-18-2002 10:33 AM - edited 02-21-2020 12:11 PM
I'm using PIX 515E and Cisco ACS 3.0.2. I'm providing VPN access to our remote users using PIX and ACS. Everything works fine if I assign IP address to the remote users using the following commands. However, I'd like to be able to use the IP pool defined at the ACS. What command do I need to run on the PIX to make it assign IP addresses from the ACS and not the local IP Pool?
ip local pool IPPool1 10.151.1.1-10.151.1.254
vpngroup vpngroup1 address-pool IPPool1
Thanx,
11-18-2002 04:49 PM
You can't do this, the PIX will only assign users IP addresses out of the local pool. Sorry.
11-18-2002 04:50 PM
In addittion to my last post, another reason you can't do this is that the PIX doesn't support Accounting of VPN connections, and without accounting, the ACS server would never know that a user has disconnected and that it can release the allocated IP address back into the pool.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide