This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

IP pool problem

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

IP pool problem

Marivi
L2 Linker

‎09-24-2018 03:58 AM

Hello,

I have an IP pool for GP users  and IP are no being clearing when users disconnect the VPN, to clear this IPs we have to reboot the FW,

Is there other way to clear this addres ? 

this must be cleared automatically after disconnect?

 

Regards

 

0 Likes Likes
9 REPLIES 9

kiwi
Community Team Member

‎09-24-2018 05:46 AM

Hi @Marivi,

 

Can you clarify ?

Are you still seeing the user to IP mapping ?

 

 

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes

VinceM
L5 Sessionator

‎09-24-2018 07:01 AM

Hi,

On my side it works.

Which version have you in your palo ?

 

V.

0 Likes Likes

Marivi
L2 Linker
In response to VinceM

‎09-24-2018 07:43 AM

hello,

7.1.16 ...

0 Likes Likes

Marivi
L2 Linker
In response to kiwi

‎09-24-2018 07:44 AM

hello,

don't see users 

0 Likes Likes

BPry
Cyber Elite
Cyber Elite
In response to Marivi

‎09-24-2018 07:52 AM

@Marivi,

Are you seeing this anywhere within the Gateway informaiton or where exactly are you seeing the IP not getting released? I'm guessing that everyone needs a bit more information on what/where exactly you are seeing the IP not getting released. 

0 Likes Likes

Remo
L7 Applicator
In response to BPry

‎09-24-2018 08:28 AM

Hmn ... is the IP even released? I never really thought about this, but my assumption was that the clients and the assigned IPs are cached till the pool is full. So when a client that was already connected normally gets the same IP and only if there are no more "free" IPs the firewall takes an IP from the "pool" of not connected devices.

0 Likes Likes

BPry
Cyber Elite
Cyber Elite
In response to Remo

‎09-24-2018 08:39 AM

@Remo,

I think everything you've said is the same thing that I've noticed in my testing. As long as the client is still present in the 'Previous Users' table they'll be assigned the same IP address each time they connect. I've never had a time were I've not had a big enough IP Pool, so I can't really speak on what happens if there aren't anymore 'free' IPs. 

0 Likes Likes

VinceM
L5 Sessionator

‎09-24-2018 08:42 AM

Hi

Following @Remo remark.

@Marivi have you got more GP user than IP adress in the pool ?

 

V.

0 Likes Likes

Marivi
L2 Linker
In response to VinceM

‎10-02-2018 06:53 AM

hello when I put the command > show user ip-user-mapping all, Doesn’t show any IP address from users over Global Protect.

0 Likes Likes
  • 5373 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks