Hi every one.we have an ASA5520 in our HQ office which users connect to it via remote access vpn with cisco vpn client.i have problem to assigning ip address to users when they connect to ASA.i have configured a Pool for users.also i want to assign specific ip address from pool to speciffic users so i have configured usernames with attributes.
ip local pool 192.168.10.1-192.168.10.254 mask 255.255.255.0
group-policy nins internal
group-policy nina attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy excludespecified
split-tunnel-network-list value split
username user1 password P4tt33SV8TYp encrypted privilege 0
username user1 attributes
vpn-group-policy nina
vpn-framed-ip-address 192.168.10.2 255.255.255.0
this configuration was ok and users get ip address that is configured on user attribute but after i have configured some users with asdm,asdm added some default configuration such as
dynamic-access-policy-record DfltAccessPolicy
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol IPSec
and now when a user tries to connect it doesnt get ip address configured on user attribute insted asa gives a random ip address from pool.so how can i fix this problem?
i think may be the default DfltGrpPolicy and "dynamic-access-policy-record DfltAccessPolicy" couse this problem?thanks.