Reserved IP address from VPN DHCP Pool on Cisco 5520 ASA

Unanswered Question
Jan 11th, 2010
User Badges:
  • Gold, 750 points or more

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;}

Hi there,

I have a need to reserve two IPs addresses from VPN DCHP Pool from Cisco Firewall (5520 ASA) for two admin users who will connect to this an ASA5520 by using Cisco VPN clients.

Anybody has any suggestion how to reserve two IPs addresses from DHCP pool for specific users?

Many thanks in advance.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
conmurph Mon, 01/11/2010 - 13:47
User Badges:
  • Cisco Employee,


Hopefully someone can correct me if I'm wrong but I don't think there is an exclude function in the ASA. Would it be possible for you to setup something like the following?

static 1 :

static 2 :

dhcpd address inside



rizwanr74 Wed, 01/13/2010 - 08:23
User Badges:
  • Gold, 750 points or more

Thank you for taking time to reply.

Excluding two IPs is something achievable from VPN DHCP scoop, but not sure how you could assign those two IPs for specific users when these two users do VPN to ASA5520.  In other words, reserving those two IPs for selected users.   The reason behind for this to tightening SSH login to firewall or internal network for selected IPs addresses alone.

Look forward to hear from you.



This Discussion