Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN with Secure ACS/IP Address Pool

We have the following VPN topology working successfully:

Redundant PIX520 Firewalls (IOS 5.2.1)

VPN Client 1.1

Crypto dynamic-map setting for Corporate VPN users

Local IP address pool

We now want to provide authentication through the Secure ACS (2.6) NT 4 Server and have it assign IP addresses from a pool based upon group membership. We have been successful with the authentication part, but not with IP address assignment from the ACS pool. We have followed all configuration examples on CCO and even have an open TAC Case. Has anyone had success with this implementation? Thanks!

New Member

Re: VPN with Secure ACS/IP Address Pool

What did TAC have to say? I know there were a number of bugs in 5.2(1) so maybe an upgrade would be a place to start.

New Member

Re: VPN with Secure ACS/IP Address Pool

Hi John,

Thanks for the reply. TAC was basically stumpted...they didn't have any clear-cut examples for configuring the ACS NT Server, other than what's already on CCO. I agree that it could be IOS related. Are you running a version later that 5.2(1)? Here again, I've received conflicting info. from TAC - some engineers say 5.2(5) and to skip 5.3 entirely?? Any thoughts? Thanks!


New Member

Re: VPN with Secure ACS/IP Address Pool

We’re using 5.2(5). I never use the latest code especially a (1) or (2) anything.

CreatePlease login to create content