Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Users and IP Assignment

I'm using PIX 515E and Cisco ACS 3.0.2. I'm providing VPN access to our remote users using PIX and ACS. Everything works fine if I assign IP address to the remote users using the following commands. However, I'd like to be able to use the IP pool defined at the ACS. What command do I need to run on the PIX to make it assign IP addresses from the ACS and not the local IP Pool?

ip local pool IPPool1

vpngroup vpngroup1 address-pool IPPool1


Cisco Employee

Re: VPN Users and IP Assignment

You can't do this, the PIX will only assign users IP addresses out of the local pool. Sorry.

Cisco Employee

Re: VPN Users and IP Assignment

In addittion to my last post, another reason you can't do this is that the PIX doesn't support Accounting of VPN connections, and without accounting, the ACS server would never know that a user has disconnected and that it can release the allocated IP address back into the pool.

CreatePlease to create content