Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2207
Views
10
Helpful
8
Replies

ezvpn server. assign static ip to specified clients

Go to solution
ndi_kiyanov
Level 1
Level 1

‎09-13-2011 08:09 AM

Hi

I have configured cisco router as easy vpn server.

everything working fine.

but i can;t find how to assign static ip to specified vpn client. (assign by  MAC or by name)

i tryed to create dhcp binding:

ip dhcp pool vpnclient

host 192.168.111.50 255.255.255.0

hardware-address 0005.9a3c.00a9

client-name vpnclient

but this do not affect on ezvpn client ip address ..

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
raga.fusionet
Level 4
Level 4
In response to ndi_kiyanov

‎09-13-2011 09:35 PM

Hey Andrii good trick, noted down

You would need to include the IP Pool of group A on the Split tunneling ACL of group B and viceversa.

I hope it makes sense

If it doesnt let me  know

Raga

View solution in original post

0 Helpful
8 Replies 8

Go to solution
raga.fusionet
Level 4
Level 4

‎09-13-2011 08:12 AM

Hi Adrii,

This is not supported on routers only on the ASA and the address assigment gets done based on user id not on MAC address.

HTH.

Raga

Go to solution
ndi_kiyanov
Level 1
Level 1
In response to raga.fusionet

‎09-13-2011 10:28 AM

thank you Luis for your reply.

okay another questions:

1) is it possible to change local pool lease parameters ?

2) is it possible to get ezvpn clients by name in any way?

thank you in advance

0 Helpful

Go to solution
raga.fusionet
Level 4
Level 4
In response to ndi_kiyanov

‎09-13-2011 12:12 PM

Andrii:

1) No, the IP address will remain assigned to a given client as long as the VPN client remains connected. You cant change that.

2) You can only do this on the ASA, not on a router. On the ASA you can statically assign an  IP address to a given user for example: 

username cisco123 password ffIRPGpDSOJh9YLq 
username cisco123 attributes
  vpn-framed-ip-address 192.168.5.1 255.255.255.0

Unfortunately, the router's capabilities in regards to VPN are a little limited
compared to the ASA's.

I hope this clarifies your questions.

Raga

Go to solution
ndi_kiyanov
Level 1
Level 1
In response to raga.fusionet

‎09-13-2011 03:37 PM

Luis, thank you again for clarification.

But i found the trick I can do  :

-create second vpn group and "second ezvpn server". assign group to srv

-create separate local pool with only one ip address in it

-use this connection to connect my "unusuall ezvpn client"

profit

0 Helpful

Go to solution
ndi_kiyanov
Level 1
Level 1
In response to ndi_kiyanov

‎09-13-2011 03:38 PM

but only one thing i can;'t do for now  - it's make the clients of these groups "visible" to each other.

0 Helpful

Go to solution
raga.fusionet
Level 4
Level 4
In response to ndi_kiyanov

‎09-13-2011 09:35 PM

Hey Andrii good trick, noted down

You would need to include the IP Pool of group A on the Split tunneling ACL of group B and viceversa.

I hope it makes sense

If it doesnt let me  know

Raga

0 Helpful

Go to solution
ndi_kiyanov
Level 1
Level 1
In response to raga.fusionet

‎09-14-2011 10:55 AM

Hi Diego,

thank you for your help! now everyhting works fine.

0 Helpful

Go to solution
raga.fusionet
Level 4
Level 4
In response to ndi_kiyanov

‎09-14-2011 10:58 AM

Sweet!

Glad to hear that I was able to help

0 Helpful
Customers Also Viewed These Support Documents