11-12-2020 02:29 AM
Hello
How can i assign a static ip to a user logged in on a Cisco 2921 by anyconnect?
best regards
Solved! Go to Solution.
11-13-2020 01:25 PM
setup a general any connect client and dealing with a public IP address- based on the group that IP will be provided.
11-12-2020 02:50 AM
Do you have any radius in place or users are locally created ?
can you post the config ?
11-12-2020 03:19 AM
I have only locally users on the router.
br
11-12-2020 05:34 AM
Follow below Guide make differe profile for each user to get static IP on router - hope that help you:
11-13-2020 06:31 AM
This is nice for VPN Client and a good idea but how can i implement this in anyconnect?
It looks like this config
webvpn gateway SSLVPN_GATEWAY
ip address 172.30.1.2 port 443
http-redirect port 80
ssl trustpoint SSLVPN_CERT
logging enable
inservice
!
webvpn context SSL_Context
virtual-template 1
aaa authentication list SSLVPN_AAA
gateway SSLVPN_GATEWAY
!
ssl authenticate verify all
inservice
!
policy group SSL_Policy
functions svc-enabled
svc address-pool "SSLVPN_POOL" netmask 255.255.255.0
svc split include acl 10
svc dns-server primary 8.8.8.8
default-group-policy SSL_Policy
!
BR
11-13-2020 01:25 PM
setup a general any connect client and dealing with a public IP address- based on the group that IP will be provided.
11-13-2020 02:25 PM
So you mean for every user i should take a public IP? But i only had one IP on the Wan side.
Br
11-14-2020 01:42 AM
No dial-in with the only IP address all of them, based on the Group and User you configured that IP will be assigned, but it bit manual task if you have large userbase, that is the reason RADIUS is a good candidate here.
11-14-2020 02:57 AM
I think what you can do in this case would be to specify a domain for each user, create multiple pools with a /32 for each to define the private IP addresses you want to assign to each user, and then you need to associate the pools and domains under each respective context similar to this:
username user1@domain1 password xxxxxxx
username user2@domain2 password xxxxxxx
webvpn context SSL_Context_1
policy group SSL_Policy_1
svc address-pool "SSLVPN_POOL_1"
aaa authentication domain @domain1
gateway SSLVPN_GATEWAY domain domain1
webvpn context SSL_Context_2
policy group SSL_Policy_2
svc address-pool "SSLVPN_POOL_2"
aaa authentication domain @domain2
gateway SSLVPN_GATEWAY domain domain2
Users they need to specify the domain they should connect to through the specific URL, for example, user1 would use https://<public ip>/domain1, user2 would use https://<public ip>/domain2, and so on.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: