09-18-2011 10:12 PM - edited 03-10-2019 06:24 PM
Hello everyone,
I get problem.Please help me.
At first I use ACS 4.2 to create static ip address user for remote access VPN,It's easy,just configuration it at user set>Client IP Address Assignment>Assign static IP address,but when I use ACS 5.2 I dont't know how to do it.
I try to add IPv4 address attribute to user by read "ACS 5.2 user guide" ,it says this:
Step 1Add a static IP attribute to internal user attribute dictionary:
Step 2Select System Administration > Configuration > Dictionaries > Identity > Internal Users.
Step 3Click Create.
Step 4Add static IP attribute.
Step 5Select Users and Identity Stores > Internal Identity Stores > Users.
Step 6Click Create.
Step 7Edit the static IP attribute of the user.
I just do it,but it's not work.When I use EasyVPN client to connect ASA 5520,user could success to authentication but will not get the static IP address which I configure on Internal Users,so the tunnel set up failed.I try to Configure a IP pool on ASA for ACS users get IP address,and use EasyVPN client to connect ASA , everything is OK,user authenticate successed.but when I kill IP pool coufigurations and use the "add a static IP address to user "configurations,EzVPN are failed.
so,what should I do,if anyboby knows how to use ACS 5.2 to create a static ip address user for remote access VPN,please tell.
Wait for you response,no matter right or not,please response,thank you.
Solved! Go to Solution.
09-18-2011 11:05 PM
There are some additional steps to be performed to ensure that the static address defined for the user is returned in the Access-Accept. See the instuctions in the attached two slides
09-18-2011 11:05 PM
09-20-2011 07:00 AM
I greatly appreciate your help, the problem has been the perfect solution. Thanks for your reply.
09-28-2012 04:22 AM
This "issue" is still present in ACS 5.3 patched up to the latest version. At least the documentation help files that are installed with the update could have been updated in the mean time...
I tried to follow the powerpoint slides.
However, on the first slide i run into a problem: to the right of the dropdown box where "Internal Users" is selected, i can not select "Assigned IP Address". The Attributes List where i can select from, is empy.
Any help would be appeciated.
09-28-2012 06:10 AM
12-11-2012 08:24 AM
Thanks, i followed this procedure.
When testing against a radius client simulator (Vasco Vacman radius client simulator) i now get an attribute 8 framed-IP-Address. However, the value type is unknown according to the simulator.
Can i safely assume that this is an issue with the simulator?
12-11-2012 02:07 PM
Not familiar what this simulaor is
Framed-IP-Address is attribute number 8. Could be that your simulator may not recognize the IPv4 address
One other way is to run the test and then go to "Monitoring & Reports > Reports > Catalog > AAA Protocol > RADIUS Authentication
and view the details for the request. You should see the value returned for the Framed-IP-Address in the report
12-12-2012 02:40 AM
Thanks again, this looks good!
If you have any suggestion for other radius test client simulator software i would be interested. For now i will continue with my implementation
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide