Create an IP Address Pool
If the remote client is using the Easy VPN Server to obtain its IP address, you must define a
local address pool using the ip local pool command. The syntax for this command is as
follows:
ip local pool {pool_name low_ip_address [-high_ip_address]}
For instance, suppose that you want to assign the remote clients addresses in the range from
10.20.100.1 through 10.20.100.254. Using a pool name of vpn-pool, then the command line
would be as follows:
Pix(config)# ip local pool vpn_pool 10.20.100.1-10.20.100.254
lifetime Keyword indicating that the next parameter specifies the lifetime for the IKE policy.
md5 Specifies that the MD5 hash algorithm will be used by the IKE policy.
pre-share Specifies that the IKE policy will use preshared keys for initial authentication.
priority An integer (1 to 65,534) uniquely identifying the IKE policy and assigning it a
priority (1 is the highest priority, and 65,534 is the lowest priority).
rsa-sig Specifies that the IKE policy will use RSA signatures for initial authentication.
sha Specifies that the SHA-1 hash algorithm will be used by the IKE policy. This is the
default hash algorithm.
Table 14-3 isakmp policy Parameters (Continued)
Parameter Description
412 Chapter 14: Configuring Access VPNs