Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

VPN Pool

Hi guy,

I’m using a cisco 5510 ASA at the head office and all the branches (32) connect to the head office via cisco VPN client(Remote access VPN),  as per the configuration branches used to get ip addresses from the VPN pool randomly.  Now, my requirement is I need that each branch should get the same ip address every time when the VPN is established. Is this feasible? Please advise.

Regards,

Suthakar

2 ACCEPTED SOLUTIONS

Accepted Solutions

VPN Pool

Hello Suthakar,

By same IP address do you mean on the same subnet or the same host ip address.

If the query its on the same subnet it is possible, if the query is to have the same host ip address for all the users no.

It is possible to configure a map ip address to a username but again it would be just to one username.

Regards,

Julios

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Bronze

VPN Pool

You can use the 'vpn-framed-ip-address' command under the username configuration to assign a static ip from the ippool.

3 REPLIES

VPN Pool

Hello Suthakar,

By same IP address do you mean on the same subnet or the same host ip address.

If the query its on the same subnet it is possible, if the query is to have the same host ip address for all the users no.

It is possible to configure a map ip address to a username but again it would be just to one username.

Regards,

Julios

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Bronze

VPN Pool

You can use the 'vpn-framed-ip-address' command under the username configuration to assign a static ip from the ippool.

VPN Pool

Hi Julios,

Will yeah I need the remote branches to get the ip addresses from the same range, infact I've allocated 50 ip addresses from the local (LAN) ip range. Further each branch should get an dedicated ip address for its own.

Further I've achieved the requirement by using the "vpn-framed-ip-address" (mentioned by patrick0711's).

Thank you so much, your reply really helped me to solve the issue.

Hi Patrick,

As you have mentioned I've manged to achieved the requirment by using the "vpn-framed-ip-address" command.

Thanks alot it really helped.

Regards,

Suthakar

304
Views
0
Helpful
3
Replies
CreatePlease to create content