Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Client 3.5 assign IP by Username

Hello Everybody,

I use W2K + VPN on a 1720 Router working OK.

Now I would need to assign specific IP Adresses by Username (not automatic LOCAL Pool)

I mean if Username = A then, if Username = B then and allways 1 User have the same IP Address.


Current x-auth Config:


aaa new-model

aaa authentication login my-usraut local

aaa authorization network my-grpaut local


username A password 0 xxxx

username B password 0 xxxx


crypto isakmp enable

crypto isakmp identity address


crypto isakmp policy 2

encr 3des

hash sha

authentication pre-share

group 2


ip local pool vpn-dial-pool


crypto isakmp client configuration group vpnclient

key xxxxxxyyyyyy

pool vpn-dial-pool


crypto ipsec transform-set vpn-transform esp-3des esp-sha-hmac


crypto dynamic-map vpn-dynamic 10

set transform-set vpn-transform



Does it work, and what I have to change.

Thanks for HELP

New Member

Re: VPN Client 3.5 assign IP by Username

The Ip addresses are assigned by group, maybe you have to use one group for every user. This is not the best way to do it but it should works.


Re: VPN Client 3.5 assign IP by Username

Rotuer does not support address assignment for the ipsec group yet. You may be better of defining multiple local pools on the router, and then pass down the pool name via the radius attributes

Check out:


CreatePlease to create content