09-08-2011 01:52 AM - edited 02-21-2020 05:34 PM
I'm trying to achieve framed-ip-address/static ip address for some remote access vpn clients and ip allocation from pool dynamically for remaining remote access vpn clients. I've configured my asa with the help of http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080a7afb2.shtml
I'm using local database for user authentication. Remote users can connect and always gets IP address from pool only and never gets the framed-ip I configured for those particular users.
Could anyone please help me to find what I missed.
09-10-2011 02:27 PM
Hello Anisuzzaman
I believe the document is incorrect when it tells you to configure "no vpn-addr-assign aaa".
Local per-user attributes are considered as "local AAA-sever" so please configure "vpn-addr-assign aaa" (or check the check box for "Use authentication server" in ASDM) and try again.
hth
Herbert
09-16-2011 09:38 PM
Thanks Herbert, authentication server parameter did the trick. Cheers.
09-12-2011 12:11 PM
When you create the user account, use the following syntax under the username attributes
username
vpn-group-policy
vpn-framed-ip-address <10.10.10.35 255.255.255.0>
The items in brackets is what you'll change based on your specific configuration
Good luck
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide