SSLVPN Client IP Address usage - no free-ifconfig-pool addresses are available

  • 7014411
  • 14-Jan-2014
  • 03-Feb-2014


NetIQ Access Manager 3.x
NetIQ Access Manager SSLVPN server configured and running


  • Customer needed to be able to provide SSLVPN for up to 1028 simultaneous users
  • Configured NetIQ AM SSLVPN server with a class B subnet ( for clients, which should allow up to 1028 addresses
  • Customer then noticed that when the active number of SSLVPN clients connecting reaches 255 (+/- a couple), new clients were unable to connect
  • The '/var/log/open-vpn.log' would report: "MULTI:no free-ifconfig-pool addresses are available"


Configured the SSLVPN server with a larger subnet to increase the number of usable IP Addresses available for SSLVPN client connections


The SSLVPN server assigns each client connection four IP addresses.  So, the SSLVPN server subnet for clients needs to be configured to have IP address equal to: maximum number of simultaneous users multiplied by four.