02-12-2010 09:44 AM - edited 02-21-2020 04:29 PM
Hello,
I have a Radius Server setup right now with my users being authorized. Right now, they are getting assigned IP addresses to 1 ip local pool. I need to seperate them into groups and the users in those groups need to be assigned their own IPs. What will allow me to assign group specific IP addresses to my VPN users (who are seperated into groups on Radius/MySQL already)?
Example:
Groups:
Accounting
Sales
Management
For those groups:
ip local pool Accounting
ip local pool Sales
ip local pool Management
Users:
Sally - Accounting
John - Sales
Aaron - Management
Thank you,
02-18-2010 10:07 AM
If your radius server supports it you can use local pools on this server and assign a pool to each group the user belongs to, if your anyconnect server is an ASA you can define the pools under the tunnel groups or under the group policies and use the class value mapping to map users to each group policy and use the defined pool.
12-11-2012 06:53 AM
Can you tell me a littelbit more about configuration? Because i ve tried to find some more information. and i didn't find it. i am useng ACS 5.2.
12-11-2012 03:21 PM
Hi Kendo
I've implemented something similar but used the defined URL in the anyconnect profile to create the varying pools. In your example the clients might use, yourvpn.yourcompany.com/sales or yourvpn.yourcompany.com/accounts.
It's all down to giving the users the varying urls.
Best Regards
Ju
http://helpamunky.wordpress.com/
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: