I have a VPN Concentrator 3020 in my structure and i'm configuring IP address assignment by an external DHCP Server.
there is no problem in that: the client authenticates and then receives its IP address..
the problem is that i need to configure reservation on the DHCP Server.. the question is: which is the mac address we have to use for the reservation?
i saw on the server that the mac address of the dhcp request is something like that 0003a08a5308020e7f28f4e9a82000, that is the mac address of the external interface of the vpn concentrator, plus many other characters, that don't seem to be related to the client or any other component in the network, and change everytime we connect..
I think I can't assign the IP address statically on the Concentrator or the ACS, because the users authenticates on the VPN Concentrator through MS Active Directory, so they don't really exist on these devices..
does anyone know how can I make this work?
thanks a lot
You can't do that with ip address assigned from DHCP server.
You can configure LDAP server to assign individual ip address depending on which user authenticates for vpn client access.
You will need to configure LDAP server for authorization in the VPN Concentrator, as well as enable "Use Address from Authentication Server" for the ip address assignment.