05-13-2010 04:13 PM - edited 02-21-2020 04:39 PM
Our environment is a Cisco ASA5550 running version 8.2(1). The remote AnyConnect SSL clients receive their IPs via a Microsoft DHCP server. We would like to reserve some IP addresses based on client PC. I have noticed that the MAC address passed by ASA to the DHCP server is not static, which makes reserving an IP difficult. Is there a way to do this? Thanks.
05-14-2010 07:26 AM
The only way that I can think of would be more of a hack in which you have the user connect to a separate connection profile which is restricted to a single session. You then configure a DHCP pool with a single IP address for this specific user. The tunnel group would then get directed to this DHCP server and the group policy to the new network scope. Depending on how your routing and NAT is set up, you may need to add additional configurations to make this work. A more scalable approach will be to do static IP address assignment via RADIUS or LDAP.
05-14-2010 08:19 AM
thanks for your help.
Tim
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide