I have just received a new ASA 5510 to replace our existing 3000-series concentrator, and am starting its configuration.
I would like to have some users assigned fixed IP addresses (some of our server admins still like to lock this down). However, I don't want to do this for everyone. We are using ACS4.2 with a backend into Oracle IDM LDAP (I only have control of the ACS, not the LDAP).
Is it possible to set up so most users authenticated by ACS/LDAP get an address from the pool, but selected others get a fixed IP? On the 3000 VPN the previous admins made local users for fixed IP and everyone else authed off RADIUS, but I'd like to centralise.
Also, the ACS is being used for other stuff, like Wireless Auth using NAPs.
Any pointers would be extremely useful.