vikashdaya
asked on
Cisco ASA DCHP Reservations
I have a Cisco ASA 5510 configured for VPN access. I've created and assigned an IP Address pool for VPN connections on the ASA device. One of our applications that is accessed through the VPN has a builtin security feature that only allows access from preconfigured IP addresses. Is there a way to create DHCP reservations for the VPN connections on the ASA Device?
Note: User Accounts exist in Active Directory and will authenticate via LDAP. Using Local accounts is not considered an option at this point.
Note: User Accounts exist in Active Directory and will authenticate via LDAP. Using Local accounts is not considered an option at this point.
ASKER
I did think of that... however, the problem is the application locks down to IP address and Machine Name so the user has to get the same IP each time they connect. Having a seperate IP Pool won't guarantee that they get the same IP each time.
I'm trying to work out if the VPN connections are able to get IP address assignments from Windows 2003 DHCP and AD User Properties (Dial-in tab has options to allocate IP to a user). If anyone has links to how this can be done, please post them on this thread.
Thanks
I'm trying to work out if the VPN connections are able to get IP address assignments from Windows 2003 DHCP and AD User Properties (Dial-in tab has options to allocate IP to a user). If anyone has links to how this can be done, please post them on this thread.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What you can do however is create a separate VPN group (connection profile) and assign a different pool of addresses to be used for this application. Only the users that need access to the application will use the new group and get an IP address that is allowed to access the application.