vpn virtual addresses
We have a Cisco VPN3030 concentrator installed on our network. When someone
establishes a session he/she is assigned an address in a pool from n.n.n.11
to n.n.n.254. We have put a negative entry in our seedfile to prevent
discovery of these 'virtual' addresses (i.e. !nnn.nnn.nnn.11-254), however
Netview occasionally discovers one of these addresses (despite the seedfile
entry) and adds it as an interface on the VPN. When the person logs off, a
IFDOWN alert is generated. The IF remains red on the map until it is
demandpolled, at which time Netview deletes the entry and issues a NODEUP.
Any ideas? Why isn't the negative seedfile entry working in this case?
Jack Kenney, MCP+I, MCSE
CTS/Enterprise Management Tools
Phone: (617) 572-1031
Email: jkenney AT jhancock DOT com