Does anybody now if you can configure multiple address pools on the PIX (ip local pool vpn1, ip local pool vpn2 etc)
If so do they have to be on seperate IP subnets (because they are automatically assigned a default classfull subnet mask).
I am trying to have specific IP addresses assigned to users, so when a user VPNs in they are given a known IP address. I know this can be done using TACACS+ but was wondering if the pools would do it.
Here is an example that I have tried. This will indeed assign the corresponding address but when a second VPN user connects they get the same address as the first, the first VPN then will not work.
ip local pool vpnpool01 192.168.245.100-192.168.245.199
ip local pool vpnpool01 192.168.245.10-192.168.245.19
ip local pool vpnpool01 192.168.245.20-192.168.245.39
ip local pool vpnpool01 192.168.245.40
ip local pool vpnpool01 192.168.245.41
ip local pool vpnpool01 192.168.245.42
ip local pool vpnpool01 192.168.245.44
ip local pool vpnpool01 192.168.245.46
ip local pool vpnpool01 192.168.245.47
Or should it be
ip local pool vpnpool01 192.168.245.1-192.168.245.99
ip local pool vpnpool02 192.168.246.1-192.168.245.9
ip local pool vpnpool03 192.168.247.1-192.168.245.19
ip local pool vpnpool04 192.168.248.1
ip local pool vpnpool05 192.168.249.1
ip local pool vpnpool06 192.168.250.1
ip local pool vpnpool07 192.168.251.1
ip local pool vpnpool08 192.168.252.1
ip local pool vpnpool09 192.168.253.1
This would seem a waste of addresses just for one user.
Any thoughts?
If so do they have to be on seperate IP subnets (because they are automatically assigned a default classfull subnet mask).
I am trying to have specific IP addresses assigned to users, so when a user VPNs in they are given a known IP address. I know this can be done using TACACS+ but was wondering if the pools would do it.
Here is an example that I have tried. This will indeed assign the corresponding address but when a second VPN user connects they get the same address as the first, the first VPN then will not work.
ip local pool vpnpool01 192.168.245.100-192.168.245.199
ip local pool vpnpool01 192.168.245.10-192.168.245.19
ip local pool vpnpool01 192.168.245.20-192.168.245.39
ip local pool vpnpool01 192.168.245.40
ip local pool vpnpool01 192.168.245.41
ip local pool vpnpool01 192.168.245.42
ip local pool vpnpool01 192.168.245.44
ip local pool vpnpool01 192.168.245.46
ip local pool vpnpool01 192.168.245.47
Or should it be
ip local pool vpnpool01 192.168.245.1-192.168.245.99
ip local pool vpnpool02 192.168.246.1-192.168.245.9
ip local pool vpnpool03 192.168.247.1-192.168.245.19
ip local pool vpnpool04 192.168.248.1
ip local pool vpnpool05 192.168.249.1
ip local pool vpnpool06 192.168.250.1
ip local pool vpnpool07 192.168.251.1
ip local pool vpnpool08 192.168.252.1
ip local pool vpnpool09 192.168.253.1
This would seem a waste of addresses just for one user.
Any thoughts?