Static IP for the VPN user

Unanswered Question

Hi There,

We are using the ASA5550 for the client VPN implementation with IAS as the authentication server (Windows AD user accounts). Now, if we wish to have a user connect to our VPN who is a vendor and does not need whole lot of abilities to browse on the network while on VPN. We were just thinking if we can somehow assign the user's machine a specific IP so that he will always get this same IP, and then we will be able to place restrictions/ACL on this IP to limitize the user to access just what he allowed to.

Kindly let me know if we can have any functionality where we can attach an IP with the user-id in ASA and/or MS-IAS. Awaiting your response!

Thanks and regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Thu, 04/01/2010 - 15:16
User Badges:
  • Green, 3000 points or more


If you create a separate group just for this user, you can authenticate him locally on the ASA and provide him with the same IP all the time.

Another option is to use a Radius attribute to assign the same IP address to the user always from a AAA server.



This Discussion