Hi,
-I have a PIX 506 6.3(3) configured with a vpngroup.
-The vpngroup is calling an ip local pool ip local pool vpnpool1 10.220.63.208-10.220.63.223
and a split tunnel list access-list split1 permit ip 10.220.63.192 255.255.255.192 10.220.63.208
255.255.255.240-At the client ( Cisco VPN 4.6.00.0049) statistics shows for Route Details a Secured route for 10.220.63.192 255.255.255.192
BUT and here is the problem, a route print in windows shows a new route for
10.0.0.0 255.0.0.0 with 10.220.63.210 as the gateway. I don't want this route i want only the route for 10.220.63.208 255.255.255.240.After checking the PIX command reference , i saw that i should be able to specify a mask in the ip local pool command.
ip local pool pool_name pool_start_address[-pool_end_address] [mask mask]
I tried to modify my ip local pool command with no success ip local pool vpnpool1 10.220.63.208-10.220.63.223 mask 255.255.255.240 doesn't work. ( yes i removed the vpngroup entry prior to do that).
At the PIX the possible syntax shown for ip local pool is "usage: [no] ip local pool [-] no mention of a mask argument.
So what exactly is the rule here , can we provide a mask for the client or not ? Did i made a mistake in the syntax ? I tried with the word mask , netmask and just the mask itself.
Or is there another way to get rid of this route , other than doing a route delete 10.0.0.0 everytime we log in.
thanks