Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Client 3.5 assign IP by Username

Hello Everybody,

I use W2K + VPN on a 1720 Router working OK.

Now I would need to assign specific IP Adresses by Username (not automatic LOCAL Pool)

I mean if Username = A then 192.168.153.1, if Username = B then 192.168.153.2 and allways 1 User have the same IP Address.

************************

Current x-auth Config:

*************************

aaa new-model

aaa authentication login my-usraut local

aaa authorization network my-grpaut local

!

username A password 0 xxxx

username B password 0 xxxx

!

crypto isakmp enable

crypto isakmp identity address

!

crypto isakmp policy 2

encr 3des

hash sha

authentication pre-share

group 2

!

ip local pool vpn-dial-pool 192.168.153.1 192.168.153.254

!

crypto isakmp client configuration group vpnclient

key xxxxxxyyyyyy

pool vpn-dial-pool

!

crypto ipsec transform-set vpn-transform esp-3des esp-sha-hmac

!

crypto dynamic-map vpn-dynamic 10

set transform-set vpn-transform

!

***********************

Does it work, and what I have to change.

Thanks for HELP

2 REPLIES
New Member

Re: VPN Client 3.5 assign IP by Username

The Ip addresses are assigned by group, maybe you have to use one group for every user. This is not the best way to do it but it should works.

Bronze

Re: VPN Client 3.5 assign IP by Username

Rotuer does not support address assignment for the ipsec group yet. You may be better of defining multiple local pools on the router, and then pass down the pool name via the radius attributes

Check out:

http://www.cisco.com/warp/public/707/ipsec_radius_config.html

Jazib

221
Views
0
Helpful
2
Replies
CreatePlease to create content