Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
279
Views
0
Helpful
2
Replies

VPN Users and IP Assignment

kendo.igor
Level 1
Level 1

‎11-18-2002 10:33 AM - edited ‎02-21-2020 12:11 PM

I'm using PIX 515E and Cisco ACS 3.0.2. I'm providing VPN access to our remote users using PIX and ACS. Everything works fine if I assign IP address to the remote users using the following commands. However, I'd like to be able to use the IP pool defined at the ACS. What command do I need to run on the PIX to make it assign IP addresses from the ACS and not the local IP Pool?

ip local pool IPPool1 10.151.1.1-10.151.1.254

vpngroup vpngroup1 address-pool IPPool1

Thanx,

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎11-18-2002 04:49 PM

You can't do this, the PIX will only assign users IP addresses out of the local pool. Sorry.

0 Helpful

gfullage
Cisco Employee
Cisco Employee
In response to gfullage

‎11-18-2002 04:50 PM

In addittion to my last post, another reason you can't do this is that the PIX doesn't support Accounting of VPN connections, and without accounting, the ACS server would never know that a user has disconnected and that it can release the allocated IP address back into the pool.

0 Helpful
Customers Also Viewed These Support Documents