Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
Unable to assign IP addresses to VPN Clients with the Cisco Secure ACS authentication server, and the "Group User [USER] Cannot obtain an IP address for remote peer" error message appears in the event logs of Concentrator
The error message appears when the VPN Client fails to receive an IP address from an Access Control Server (ACS), which is configured to assign IP addresses.
For a workaround,
It is recommended to reconfigure the settings in the VPN concentrator and the ip pools on the ACS:
On the VPN Concentrator, choose Configuration > System > Address Management > Assignment > Use Address from Authentication Server > Apply in order to choose the authentication server option for IP address assignment.
On the Cisco VPN 3000 Concentrator, choose Configuration > System > Servers > Accounting Servers.
Add the details for the ACS in order to specify the ACS as an Accounting Server. This allows the ACS to see what IP addresses are in use and assign free IP addresses.
In the ACS, go into either the User Setup or the Group Setup in order to provide the IP address.
Choose VPN Client IP Address Assignment.
Choose Assigned from AAA server pool. An IP address pool on the Authentication Authorization Accounting (AAA) server assigns the IP address.