ATTENTION: We are currently working an issue with posting. Thank you for your patience while we work on a resolution.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3180
Views
5
Helpful
2
Replies

Calling station ID attribute needs MAC address for Anyconnect VPN client

Parag Mahajan
Cisco Employee
Cisco Employee

Hi All,

We are testing Anyconnect VPN users tring to connect using certificate. ASA is validating/ authenticating user based on cert and for authorization it is requesting Radius server(ISE). Currently ASA  is sending Ip address of VPN client in "calling station ID" .We want ASA to send MAC address of Anyconnect VPN client to radius server in 'calling station ID' radius attribute.  Is it possible to achieve this. Any workround ?

1 Accepted Solution

Accepted Solutions

edwjames
Level 3
Level 3

Hi Parag,

The Calling Station ID will always contain IP Address in case of Anyconnect VPN.

L3 being the cause unlike Wireless which has L2 Assoc.

Currently no workaround.

Regard

Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

View solution in original post

2 Replies 2

edwjames
Level 3
Level 3

Hi Parag,

The Calling Station ID will always contain IP Address in case of Anyconnect VPN.

L3 being the cause unlike Wireless which has L2 Assoc.

Currently no workaround.

Regard

Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

Thanks Edward