VPN address pool disappears from PDM

VPN address pool disappears from PDM
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
VPN address pool disappears from PDM dbwmn2001 04-12-2006
Posted by on April 12, 2006, 9:23 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I am configuring a PIX 501 device. What I've done many times on many
other PIXes is creating an IP pool in order to assign a range of
addresses for clients connecting via VPN.
My usual procedure using the PDM was:
1) Create a pool named VPNPool with an address of
192.168.40.248-192.168.40.251
2) Create a policy to allow traffic from the inside network
192.168.40.0/24 to the outside 192.168.40.248/30
3) Configuring the Cisco VPN Client tab

Here comes the trouble:
On all other times I configured a pix the name of the pool appeared on
the host/networks and it was not modifiable.
Now, instead, as soon as I create the policy I'm asked to create a name
(with requests to route it) and as soon as I apply the policy the IP
pool I created disappears from the IP pool window under VPN. The PDM
has a warning stating that the pdm does not understand the command ip
local pool VPNPool VPNPool-192.168.40.251

What is going wrong? I've done this dozens of times on 515E and 506E
models. Is it a problem of the 501?
I've read somewhere that there's a problem when the address pool
overlaps the inside network range, but I never had a problem using this
method on all other configuration.
Thanks for your help


Posted by Jyri Korhonen on April 12, 2006, 9:31 am
If you were  Registered and logged in, you could reply and use other advanced thread options

> The PDM has a warning stating that the pdm does not
> understand the command
>
> ip local pool VPNPool VPNPool-192.168.40.251

Do you have

name 192.168.40.248 VPNPool

If yes, you might want to remove it.


Posted by on April 12, 2006, 10:20 am
If you were  Registered and logged in, you could reply and use other advanced thread options
No, it's the PDM which requires me to introduce a name (and I chose the
same name of the IP Pool). Even using a different name gives the same
problem
Thanks
Dave

Jyri Korhonen wrote:
>
> > The PDM has a warning stating that the pdm does not
> > understand the command
> >
> > ip local pool VPNPool VPNPool-192.168.40.251
>
> Do you have
>
> name 192.168.40.248 VPNPool
>
> If yes, you might want to remove it.


Similar ThreadsPosted
VPN -- why do I see the remote IP address (not vpn pool addr) in my log? February 10, 2006, 1:35 pm
nat for pool September 12, 2006, 9:30 am
Nat Pool July 25, 2008, 3:18 pm
reading the nat pool September 19, 2005, 12:21 pm
ezvpn: ip pool necessary? June 27, 2006, 1:54 pm
Pool Manager uses 40% of CPU November 5, 2006, 4:43 am
dynamically assigning NAT pool? August 9, 2004, 5:55 am
PIX - ip local pool - question April 27, 2005, 8:32 pm
rephrased: 2621 nat pool September 22, 2005, 5:14 pm
ip local pool question January 11, 2006, 6:08 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map