Cisco AnyConnect - Radius Auth with Local IP assignment

Unanswered Question
Feb 12th, 2010
User Badges:


I have a Radius Server setup right now with my users being authorized. Right now, they are getting assigned IP addresses to 1 ip local pool. I need to seperate them into groups and the users in those groups need to be assigned their own IPs. What will allow me to assign group specific IP addresses to my VPN users (who are seperated into groups on Radius/MySQL already)?






For those groups:

ip local pool Accounting

ip local pool Sales

ip local pool Management


Sally - Accounting

John - Sales

Aaron - Management

Thank you,

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Thu, 02/18/2010 - 10:07
User Badges:
  • Cisco Employee,

If your radius server supports it you can use local pools on this server and assign a pool to each group the user belongs to, if your anyconnect server is an ASA you can define the pools under the tunnel groups or under the group policies and use the class value mapping to map users to each group policy and use the defined pool.

shakirovshm Tue, 12/11/2012 - 06:53
User Badges:

Can you tell me a littelbit more about configuration? Because i ve tried to find some more information. and i didn't find it. i am useng ACS 5.2.

ju_mobile Tue, 12/11/2012 - 15:21
User Badges:

Hi Kendo

I've implemented something similar but used the defined URL in the anyconnect profile to create the varying pools. In your example the clients might use, or
It's all down to giving the users the varying urls.

Best Regards


Sent from Cisco Technical Support iPad App


This Discussion