Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

how to assign static ip address against one user on Cisco ASA for ipsec remote vpn client

Dear All ,

              Can any one tell me how to  configure static ip address against one user on Cisco ASA for IPsec remote vpn. As i have configured IPsec remote VPN on cisco ASA5510 .I have  configureed below configuration against user .Please have a look the below configuration


crypto isakmp enable outside

crypto isakmp policy 2
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400


crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto dynamic-map outside_dyn_map 1 set transform-set ESP-DES-SHA
crypto map outside_map 1 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside

ip local pool vpnclient1 mask

username cisco123 password ffIRPGpDSOJh9YLq encrypted
username cisco123 attributes

tunnel-group TunnelGroup1 type remote-access
tunnel-group TunnelGroup1 general-attributes
 address-pool vpnclient1

tunnel-group TunnelGroup1 ipsec-attributes
 pre-shared-key *

My query is that I can able to connect vpn client using username cisco123 with ip address
of .But when i am trying connect using same username cisco123 from 
other client .Then it's takeing ip address from vpnclient pool.

Can anyone tell me how can i restrict one ip address using one username for 
vpn client.

It would be highly appreciated if you reply with your valuable comments.

Thanks and regards


Cisco Employee

how to assign static ip address against one user on Cisco ASA fo

Do we have this command in the config:

vpn-addr-assign aaa

If not, could you please issue the above command and try again.

Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
CreatePlease to create content