1. Administrative Security Guide
  2. IKEv2 Support
  3. Local Address Pool Configuration
  4. Local Address Pool Configuration

Local Address Pool Configuration

You configure an address pool by associating a contiguous range or ranges of IPv4 or IPv6 addresses with an existing data-flow.

Note:

An address pool can contain multiple contiguous ranges of IP addresses. However, all defined ranges must specify the same type of IP address: You cannot include IPv4 and IPv6 addresses in the same address pool.
  1. Access the local-address-pool configuration element. 
    ORACLE# configure terminal
ORACLE(configure)# security
ORACLE(security)# ike
ORACLE(ike)# local-address-pool
ORACLE(local-address-pool)#
  2. name—Provide a unique identifier for this 
local-address-pool instance.
  3. dns-assignment—Identify the DNS source used to respond to incoming IKE_AUTH requests for DNS information.
    • local—Use locally configured configuration data as the source of DNS information
    • radius—Use a remote RADIUS AAA server as the source of DNS information.
    • radius-local—Use a remote RADIUS AAA server as the preferred source of DNS information. If no DNS data is available from the RADIUS server, use locally configured DNS information.
  4. dns-realm-id—Provide the name of the realm that supports transit to that RADIUS server.
    The dns-realm-id parameter can be safely ignored if local is specified as the DNS source.
  5. data-flow—Identify the data-flow configuration element assigned to this local-address-pool instance.
  6. address-range—Access the address-range configuration mode.
    • If building an address pool of contiguous IPv4 addresses, use network-address with subnet-mask to define a contiguous range of IPv4 addresses. 
      ORACLE(address-range)# network-address 192.168.0.0
ORACLE(address-range)# subnet-mask 255.255.255.96
    • If building an address pool of contiguous IPv6 addresses, use network-address parameter to provide both the IPv6 address and the bit length of the network prefix (an integer within the range 1 through 128). Leave the subnet-mask blank. 
      ORACLE(address-range)# network-address 1080::ac10:202/96
  7. Type done to save your configuration. and exit to complete configuration of the address-range instance.
  8. If required, add additional address ranges to this 
address-range instance
  9. Type done to complete configuration of the local-address-pool instance.