8-53
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter8 Establishing Cisco Secure ACS System Configuration IP Pools Server
To use IP pools, the AAA client must have network authorization (aaa
authorization network) and accounting (aaa accounting) enabled.
Note To use the IP Pools feature, you must set up your AAA client to perform
authentication and accounting using the same protocol—either TACACS+ or
RADIUS.
For information on assigning a group or user to an IP pool, see the “Setting IP
Address Assignment Method for a User Group” section on page 6-26 or the
“Assigning a User to a Client IP Address” section on page 7-11.
Allowing Overlapping IP Pools or Forcing Unique Pool Address RangesCisco Secure ACS provides automated detection of overlapping pools.
Note To use overlapping pools, you must be using RADIUS with virtual private
networking, and you cannot be using Dynamic Host Configuration Protocol
(DHCP).
You can determine whether overlapping IP pools are currently allowed by
checking which button appears below the AAA Server IP Pools table:
•Allow Overlapping Pool Address Ranges—Indicates that overlapping IP
pool address ranges are currently not allowed. Clicking the button allows IP
address ranges to overlap between pools.
•Force Unique Pool Address Range—Indicates that overlapping IP pool
address ranges are currently allowed. Clicking the button prevents IP address
ranges from overlapping between pools.