Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ASA VPN local pool

All,

I don't see a problem with this, but I wanted to ask your opinion. Currently, we have a local pool on our ASA that hands out 192.168.100.1 - .254. I want to extend this range, and my idea is to assign a 172.16.0.0/22. This would give me 1022 hosts.

Considering this is only for VPN, there shouldn't be any issues with changing the pool for this, correct? Or is it possible for me to add another two or three local pools for the VPN to pull from when the first pool is exhausted?

Thanks!

John

HTH, John *** Please rate all useful posts ***
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ASA VPN local pool

John,

Both the above options are valid. You can reconfigure the pool to a /22 subnet or configure multiple pools. Just make sure that you edit your NAT 0 ACL, Split Tunnel, Internal routing to reflect the newly configured pool.

Also, you can configure upto 6 address pools under the IPSEC Attributes.

Example:

tunnel-group DefaultRAGroup general-attributes

address-pool VPNPOOL-1

address-pool VPNPOOL-2

address-pool VPNPOOL-3

address-pool VPNPOOL-4

address-pool VPNPOOL-5

address-pool VPNPOOL-6

Regards,

Arul

*Pls rate if it helps*

1 REPLY
Cisco Employee

Re: ASA VPN local pool

John,

Both the above options are valid. You can reconfigure the pool to a /22 subnet or configure multiple pools. Just make sure that you edit your NAT 0 ACL, Split Tunnel, Internal routing to reflect the newly configured pool.

Also, you can configure upto 6 address pools under the IPSEC Attributes.

Example:

tunnel-group DefaultRAGroup general-attributes

address-pool VPNPOOL-1

address-pool VPNPOOL-2

address-pool VPNPOOL-3

address-pool VPNPOOL-4

address-pool VPNPOOL-5

address-pool VPNPOOL-6

Regards,

Arul

*Pls rate if it helps*

160
Views
0
Helpful
1
Replies