Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 553
  • Last Modified:

Disable "IP LOCAL POOL" in Cisco ASA 5520 VPN

I have two ASA 5520 that currently has several pools / groups setup on it.

Refer to the code below. I would like to deactivate NAME1, NAME2, NAME3, and NAME4.

However i would like to leave NAME5 active.

Also, I want to leave the deactivated code in my config.

ip local pool NAME1 mask
ip local pool NAME2 mask
ip local pool NAME3 mask
ip local pool NAME4 mask
ip local pool NAME5 mask

Open in new window

  • 2
1 Solution
You can't really "deactivate" a pool. Either you assign the pool to a policy, or you leave it alone.
Just the act of defining the pool does not "activate" it anyway. You must select that pool to assign addresses in a VPN group policy.
c-h-r-i-s-t-o-p-hAuthor Commented:
What command assigns the pool to a policy?
tunnel-group <GROUP> general-attributes
 address-pool NAME


Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now