Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How EZVPN client get its subnet mask

Hi,

my environment makes it necessary that client version 4.0.3 gets a 24 bits subnet mask for the virtual interface which is given an address from a 10.0.0.0/24 pool from the PIX. I tested with VPN3000 too but client assigns a 8bit mask itself. So I cannot access the other 10.0.0.0 subnets on client site hence the routing problem.

In debugs I found out that client not requests a subnet mask (no INTERNAL_IPV4_NETMASK requested in mode config).

Is it right that it is not possible to assign the client a subnet mask from EZVPN concentrator device or are there solutions?

Thanks

Andre

1 REPLY
Silver

Re: How EZVPN client get its subnet mask

vpn clients should get a /32 subnet mask - 255.255.255.255, or, whatever the SM of the inside interface is. I get a /32 statement for the outside 3000 interface, and the appropriate subnet mask for the inside one. This is with 4.02b on my laptop. I doubt 4.03 should be different

143
Views
0
Helpful
1
Replies