08-29-2010 03:48 PM - edited 02-21-2020 04:04 AM
We have a remote client that connects to our ASA via a VPN connection. They receive an IP address via a DHCP pool from the ASA. I need to NAT one of the devices to another network. What is the easist way to tell what IP address they are receiving from the DHCP pool when they attached to the ASA?
Thanks
Brent
08-30-2010 01:02 AM
If you are using a pool of ip address from ASA (using the "ip local pool' command to assign ip address to the vpn client), then it will be dynamically assigned.
One way you can ensure that the user gets the same ip address is to configure a different group and vpn pool for that particular user, and in that case, the user will always get the same ip address from the newly created pool and group.
Hope that helps.
08-30-2010 06:14 AM
Thanks for the reply. What I am really needing to see is what address a user is getting from the pool when he logs on.
Thanks
08-30-2010 06:19 AM
You can check via the following command after the user logs on:
For IPSec VPN: show vpn-sessiondb detail remote filter name
For AnyConnect/SSL VPN: show vpn-sessiondb detail svc filter name
Hope that helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide