Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

how to assign static ip address against one user on Cisco ASA for ipsec remote vpn client

Dear All ,

              Can any one tell me how to  configure static ip address against one user on Cisco ASA for IPsec remote vpn. As i have configured IPsec remote VPN on cisco ASA5510 .I have  configureed below configuration against user .Please have a look the below configuration

Phase-I


crypto isakmp enable outside

crypto isakmp policy 2
 authentication pre-share
 encryption des
 hash sha
 group 2
 lifetime 86400


Phase-II


crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto dynamic-map outside_dyn_map 1 set transform-set ESP-DES-SHA
crypto map outside_map 1 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside


ip local pool vpnclient1 192.168.5.10-192.168.5.100 mask 255.255.255.0


username cisco123 password ffIRPGpDSOJh9YLq encrypted
username cisco123 attributes
  vpn-framed-ip-address 192.168.5.1 255.255.255.0

tunnel-group TunnelGroup1 type remote-access
tunnel-group TunnelGroup1 general-attributes
 address-pool vpnclient1

tunnel-group TunnelGroup1 ipsec-attributes
 pre-shared-key *

My query is that I can able to connect vpn client using username cisco123 with ip address
of 192.168.5.1 .But when i am trying connect using same username cisco123 from 
other client .Then it's takeing ip address from vpnclient pool.

Can anyone tell me how can i restrict one ip address using one username for 
vpn client.


It would be highly appreciated if you reply with your valuable comments.


Thanks and regards

Erfan




1 REPLY
Cisco Employee

how to assign static ip address against one user on Cisco ASA fo

Do we have this command in the config:

vpn-addr-assign aaa

If not, could you please issue the above command and try again.

~BR
Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
858
Views
0
Helpful
1
Replies
CreatePlease to create content