Cisco Support Community
Community Member

Per user IP address allocation

I am currently using 2 AS5300s with 4 PRIs each. The AS5300 are doing AAA to Cisco ACS server via RADIUS. I am currently allocation address via an NT server running DHCP services. This has worked fine and dandy for over a year now, but of course things change. Managment now wants to limit where folks go when they dial into the network. My answer to this was/is to allocate addresses via Group/User and then apply access list againsts these addresses. I have been wrestling with this for about 3 days know and I can't seem to get it to work. I have four IP pools on the AS5300 and I have confiqured four goups in ACS and created a user in each group. When I dial into the AS5300 as one of these users I get an error "computer did not assign an address". Does anyone out there have this working, either with this set up or doing it another way?

Cisco Employee

Re: Per user IP address allocation

Another way to do that is "per-user access-lists"..So when user get authenticated, radius server will send access-lists for that user to access server.. You can share those access-lists (av pairs) for a whoe group of users.

Here is the place which discuss that

Another way is "filter-id"..Pl. visit

CreatePlease to create content