Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1486
Views
0
Helpful
4
Replies

to assign static ip from active directory to dialin user

elnurh
Level 1
Level 1

‎06-01-2007 03:06 AM

Hi everybody. I have dialin router which work and routers assign ip from his local pool. i would like to do like that User from active directory in his properties page I assign to him static ip.

What additional configuration do I need that it's work. All dialin user authentification go through radius from active directory.

thanks before

Labels:
0 Helpful
4 Replies 4

b.hsu
Level 5
Level 5

‎06-07-2007 12:08 PM

CiscoSecure ACS grants authorization based on the CiscoSecure ACS group to which the user is assigned. While the group to which a user is assigned can be determined by information from the Windows user database, it is CiscoSecure ACS that grants authorization privileges. CiscoSecure ACS grants authorization based on the CiscoSecure ACS group to which the user is assigned. While the group to which a user is assigned can be determined by information from the Windows user database, it is CiscoSecure ACS that grants authorization privileges.

To further control access by a user from within the Windows User Manager or Active Directory Users and Computers, you can configure CiscoSecure ACS to also check the setting for granting dialin permission to user. If this feature is disabled for the user, access is denied, even if the username and password are typed correctly

0 Helpful

Florin Barhala
Level 6
Level 6
In response to b.hsu

‎08-05-2019 09:02 PM

Hello,

 

I could not find another related thread about this.

I need to "read" the Dial-In STATIC IP Address Attribute from AD username using Aruba ClearPass 6.7.

If anyone managed to do it, please share the CPPM config details.

 

Thanks,

Florin.

0 Helpful

Rob Ingram
VIP
VIP
In response to Florin Barhala

‎08-06-2019 12:50 AM

Hi @Florin Barhala 

 

I don't know about the Clearpass configuration, but you'll need to use the msRADIUSFramedIPAddress attribute and return that as part of authorization. This example covers what you want, it's for ISE not Clearpass, but should hopefully point you in the right direction.

 

HTH

0 Helpful

Florin Barhala
Level 6
Level 6
In response to Rob Ingram

‎08-08-2019 01:01 AM

Thank you very much, RJI!
I did figured it out in the meantime; full story can be read and hopefully used by others here: https://community.arubanetworks.com/t5/Security/Cisco-ASA-VPN-Returning-IETF-Framed-IP-Address/td-p/219119/page/2
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents