0%

SEC0403 – Firepower 7.0 AnyConnect VPN Address Assignment (Part 2)

Posted on by Anas
Category: Anyconnect

SEC0403 – Firepower 7.0 AnyConnect VPN Address Assignment (Part 2)

Address Assignment

IP address assignment can also be performed through ISE RADIUS server
Before we only assigned class , group policy via ISE RADIUS but this time it is IP address

and this IP assigned by ISE is static and never changes and also AAA server takes precedence over DHCP and local IP address Pool

First scenario is when user is locally in ISE
Second scenario is when user is in AD

ISE can store user IP in the form of custom user attribute

Administration > Identity Management > Settings > User Custom Attributes

Identity Management > Identities

Similar attributes can be stored in AD

Dial-in tab

Technically we could use any of these AD fields on user account for IP address

AD join point > Attributes

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*