Cisco ASA Remote Access VPN

Hello Sims

Take a look at this post to get an idea of how to proceed with troubleshooting with VPNs…

This one goes into even more detail that might be enlightening.

As you continue your troubleshooting, let us know if we can help with any more specific issues.

I hope this has been helpful!


Hi dear. how can i add dhcp reservation cisco asa for local and vpn clients ? is it possible?

Hello Cemil

If you take a look at this lesson you will see how the IP address is assigned to the remote client:

In this particular case, an ip local pool is created from which IP addresses can be assigned. Now the method of assigning addresses can be modified using the vpn-addr-assign command. In the above example, the command vpn-addr-assign local is used, which tells the ASA to assign addresses using the predefined local pool.

However, you have other choices that you can use for assigning addresses, such as using AAA or DHCP. These are further described in the following Cisco documentation:

In order to reserve a particular IP address for a specific host, you can do one of the following:

  1. Create an IP pool of a single address and have a single tunnel group correspond to a single user. This is useful if you have very few users, as it is not easily scalable.
  2. You can use AAA and retrieve the address to be used from an external AAA server on a per user basis. If you are using an authentication server anyway, this is the best way to do it.
  3. use DHCP obtaining addresses from a dhcp server.

All of the above can be configured using the vpn-addr-assign command shown above.

I hope this has been helpful!