Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1026
Views
0
Helpful
0
Replies

Cisco Anyconnect static IP and subnet mask

Kane Smith
Level 1
Level 1

‎08-07-2020 04:44 AM

Hi guys,

I have a lab environment with a vASA 9.12 and Anyconnect VPN all set up to authenticate via a RADIUS server. I would like to assign a static IP and a /32 mask to a specific user via LDAP. I have the following set up:

ASA:

 

ldap attribute-map StaticIP
map-name msRADIUSCallbackNumber IETF-Radius-Framed-IP-Netmask
map-value msRADIUSCallbackNumber 32 4294967295
map-name msRADIUSFramedIPAddress IETF-Radius-Framed-IP-Address


aaa-server LDAP protocol ldap
aaa-server LDAP (INSIDE) host 10.255.1.10
ldap-base-dn OU=mycorp,DC=co,DC=uk
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *****
ldap-login-dn ldapadmin
server-type microsoft
ldap-attribute-map StaticIP

 

While I am now assigned the static IP set on the ldap server under my account, the mask is wrong and I am assigned a /16.  Any ideas please?

I just copied the above config from another post as I couldn't find any detailed documentation on CCO about setting IP address and mask.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents