Is is possible to make a DHCP reservaton for specific AnyConnect client PC?
Our environment is a Cisco ASA5550 running version 8.2(1). The remote AnyConnect SSL clients receive their IPs via a Microsoft DHCP server. We would like to reserve some IP addresses based on client PC. I have noticed that the MAC address passed by ASA to the DHCP server is not static, which makes reserving an IP difficult. Is there a way to do this? Thanks.
Re: Is is possible to make a DHCP reservaton for specific AnyCon
The only way that I can think of would be more of a hack in which you have the user connect to a separate connection profile which is restricted to a single session. You then configure a DHCP pool with a single IP address for this specific user. The tunnel group would then get directed to this DHCP server and the group policy to the new network scope. Depending on how your routing and NAT is set up, you may need to add additional configurations to make this work. A more scalable approach will be to do static IP address assignment via RADIUS or LDAP.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...