How to assign a Cisco PIX VPN user a static IP

hi Everyone,
 
does anyone know if it is possible to make sure one VPN user always gets the same IP address?
We are using a PIX 515E

 thanks!
WAMSINCAsked:
Who is Participating?
 
Michael OrtegaSales & Systems EngineerCommented:
try other way around. remove the dhcprelay entries you have thus far.

dhcprelay server 10.10.10.10 inside
dhcprelay enable outside

MO
0
 
Software_onbekendCommented:
yes that is possible.
0
 
Michael OrtegaSales & Systems EngineerCommented:
If they are always using the same system you can simply setup a DHCP reservation on whatever device is acting as the DHCP server. If it's the PIX simply setup the reservation as a part of the VPN DHCP Scope.

MO
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
Michael OrtegaSales & Systems EngineerCommented:
Another note is that if you're using a RADIUS server for authentication you could assign the IP address based on the actually "user" account.

MO
0
 
WAMSINCAuthor Commented:
thanks - this person will be using the same laptop and I have his MAC address - what is the command for that?
0
 
WAMSINCAuthor Commented:
Im not seeing a command to create a dhcp reservation in the documentation, is there a workaround ?
0
 
Michael OrtegaSales & Systems EngineerCommented:
I just remembered that PIXs can't do DHCP reservations. ASA's can. You'll need to use your internal DHCP server (presumably a Windows Server running DHCP). You can setup DHCPRELAY on the Cisco PIX to relay DHCP traffic to your internal host.

dhcprelay server 10.10.10.10 inside
dhcprelay enable inside

MO
0
 
WAMSINCAuthor Commented:
ok thanks - I set up a lease pool on a windows server, but when I enter dhcprelay enable inside I get the following:

DHCP Relay cannot receive DHCP requests and forward them on the same interface.
0
 
WAMSINCAuthor Commented:
from what I can find, I think you meant to say "dhcprelay server 10.10.10.10. outside"

but looks like there is a tunnel group set up to get a local IP address and when I enable the dhcprelay I get the error ""Secure VPN Connection terminated by Peer. Reason 433:(Reason Not Specified by Peer)" "
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.