Using Radius to assign Anyconnect static IP's in ASA 9.1x

tryingtofixit · ‎03-01-2024

Anyone have this working in production?

I have it working in a limited lab. Seems the only statement I needed to do was go from:

no vpn-addr-assign aaa

To

vpn-addr-assign aaa

My Anyconnect client gets the IP assigned to them in AD. And my other clients continue to pully dhcp from the asa vpn pool. Tested this several times works with no issues.

Is it really this simple?

I don't need to create tunnel-groups, policies, separate anyconnect profiles?

My limited testing shows that vpn-addr-assign aaa isn't overriding dhcp being given out via my vpndhcp pool.

thanks

Ruben Cocheno · ‎03-01-2024

@tryingtofixit

Yes, it is

Tag me to follow up.
Please mark it as Helpful and/or Solution Accepted if that is the case. Thanks for making Engineering easy again.
Connect with me for more on Linkedin https://www.linkedin.com/in/rubencocheno/