Solved: DHCP of VPN should not free IP address after disconnect

kostasthedelegate · ‎02-24-2020

Hello,

I have a scenario to implement.

I have VPN with AnyConnect Client.

A user is logged on and is assigned an IP address by Address Pool.

When the user logs off, I do not want the Address Pool to free the IP address, but I would like to have it bound for some time (ie an hour)

If the same user logs on then he should be assigned the same IP.

Any thoughts?

Regards,

Konstantinos

kostasthedelegate · ‎02-25-2020

Hello All,

Thank you for your answers.
There is an option in ASDM in the Remote Access VPN, in the address pool that says Reuse ip address after release after x minutes.

That did the job.

Regards,
Konstantinos

View solution in original post

Rob Ingram · ‎02-24-2020

Hi,
If you are using the ASA IP Address Pool then this is not possible. One option would be to assign the same IP address to the user via RADIUS, example here.

HTH

Mohammed al Baqari · ‎02-24-2020

I don't think this possible because DHCP lease time needs IP/MAC binding
which isn't the case for anyConnect pool.

kostasthedelegate · ‎02-25-2020

Hello All,

Thank you for your answers.
There is an option in ASDM in the Remote Access VPN, in the address pool that says Reuse ip address after release after x minutes.

That did the job.

Regards,
Konstantinos

Pulkit Saxena · ‎02-25-2020

Hi,

I believe this is what you did :
https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/asdm77/vpn/asdm-77-vpn-config/vpn-addresses.html#ID-2183-00000005

Can you confirm this is allowing the user to get the same IP address when it is connecting again ?
Because what is seems like, it is just keeping the IP for a longer time and not releasing it in the pool.
-
Pulkit