Cisco Systems 3.3 Manual De Usuario

you enable this feature, Cisco Secure ACS dynamically issues IP addresses from 
the IP pools you have defined by number or name. You can configure up to 999 IP 
pools, for approximately 255,000 users.

If you are using IP pooling and proxy, all accounting packets are proxied so that 
the Cisco Secure ACS that is assigning the IP addresses can confirm whether an 
IP address is already in use.

IP pool definitions are not replicated by the CiscoSecure Database Replication 
feature; however, user and group assignments to IP pools are replicated. By not 
replicating IP pool definitions, Cisco Secure ACS avoids inadvertently assigning 
an IP address that a replication partner has already assigned to a different 
workstation. To support IP pools in a AAA environment that uses replication, you 
must manually configure each secondary Cisco Secure ACS to have IP pools with 
names identical to the IP pools defined on the primary Cisco Secure ACS.

To use IP pools, the AAA client must have network authorization (in IOS, aaa 
authorization network) and accounting (in IOS, aaa accounting) enabled.

To use the IP Pools feature, you must set up your AAA client to perform 
authentication and accounting using the same protocol—either TACACS+ or 
RADIUS.

For information on assigning a group or user to an IP pool, see 

 or 

.

Cisco Secure ACS provides automated detection of overlapping pools.

To use overlapping pools, you must be using RADIUS with VPN, and you cannot 
be using Dynamic Host Configuration Protocol (DHCP).