Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5539
Views
0
Helpful
6
Replies

VPN IP local pool

Go to solution
johnnywi43
Level 1
Level 1

‎01-06-2012 03:50 PM

We are testing the upgrade from version 8.2 to 8.4 on an ASA 5505 and ran into a problem. For VPN connections we had pools created. A few of the pools were limited to a single IP address. After the upgrade the ASA rejects the pools that only had one IP address instead of a range. In the command line if you enter a question mark after typing in "ip local pool (pool keyword)" in config mode it says "Specify an IP address or a range of IP addresses:start[-end]" with the word "or" it sounds like it should except a single IP address but it doesn't. The error is "Please enter a valid IP address range."

Does anyone know the soultion to this problem besides increasing the range?

Thanks for your input.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mvsheik123
Level 7
Level 7
In response to johnnywi43

‎01-09-2012 08:45 AM

The below syntax worked for me on 5505 with ver 8.3

ip local pool test 192.168.10.1 mask 255.255.255.255

Check if this works for you.

hth

MS

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Dennis Leon
Cisco Employee
Cisco Employee

‎01-06-2012 08:03 PM

Have you tried using a range that starts and ends with the same IP address?

0 Helpful

Go to solution
ajay chauhan
Level 7
Level 7
In response to Dennis Leon

‎01-07-2012 05:30 AM

I agree with Dennis you should repeat same IP in while using range-

For example-

ip local pool vpn-pool 10.1.2.1-10.1.2.1 netmask xxxx

Thanks

Ajay

0 Helpful

Go to solution
johnnywi43
Level 1
Level 1

‎01-09-2012 07:41 AM

Thank you for the replies. That is how we use to do it. We had a range with the same ip address as the start and end but that gives us the error. So we tried just using the address and that gives us the error too.

0 Helpful

Go to solution
mvsheik123
Level 7
Level 7
In response to johnnywi43

‎01-09-2012 08:45 AM

The below syntax worked for me on 5505 with ver 8.3

ip local pool test 192.168.10.1 mask 255.255.255.255

Check if this works for you.

hth

MS

0 Helpful

Go to solution
johnnywi43
Level 1
Level 1

‎01-09-2012 09:11 AM

Thanks for the reply. I just relized that I was using the wrong mask. Thanks everyone for your help.

0 Helpful

Go to solution
issagadiallo8821
Level 1
Level 1
In response to johnnywi43

‎07-07-2020 03:54 AM

Hello Everyone,

 

I have a proble with IP local pool configuration on ASA 5506-X

My IP local pool is: ip local pool POOL-LAN 1.1.1.1-1.1.1.7 mask 255.255.255.255.

It's work perfectely for three EasyVPN

I have set up three easyVPN between the ASA and cisco 819 4G, this work perfectly but I can't add a a fourth.

When I try to add it (fourth Easy VPN),  The ASA gives it an IP already used on the IP pool by the other 3 and this put down the active VPN.

however by making a show ip local pool, it shows me well the IPs used and the availables IPs.

what I do not understand why it does not take an available IP instead of an IP used on the local Pool by another cisco 819 4G.

is it limited to three? or is it configuration?

Thank for any Help

0 Helpful
Customers Also Viewed These Support Documents