Is there a way to allocate a specific IP address to an Anyconnect client (ssl vpn) based on the user certificate presented by the client during authentication ?
I can make a similar concept work when using username and password (AAA) for client authentication instead of client certificate based authentication.
I can allocate a specific IP address to an Anyconnect client (ssl vpn) based on username using the example config below :-
username cisco123 attributes
vpn-framed-ip-address 192.168.5.1 255.255.255.0
username cisco567 attributes
vpn-framed-ip-address 192.168.5.2 255.255.255.0
username cisco890 attributes
vpn-framed-ip-address 192.168.5.3 255.255.255.0
I want to achieve the same type of IP allocation using certificate based authentication. Similar to you would normally do using DHCP IP reservation (based on MAC address).
Each client has their own unique certificate.