PIX Firewall MAC address VPN IP address

Discussion in 'Cisco' started by Julian Dragut, Feb 7, 2006.

  1. Hi there,

    Would it be possible for a PIX 515e to have IP address reservation for the
    VPN users based on the MAC address of the remote user?

    Thank you,

    Julian Dragut
     
    Julian Dragut, Feb 7, 2006
    #1
    1. Advertising

  2. In article <DwXFf.50831$>,
    Julian Dragut <> wrote:
    >Would it be possible for a PIX 515e to have IP address reservation for the
    >VPN users based on the MAC address of the remote user?


    Not in PIX 6.x, and I would think it unlikely in PIX 7.0.

    IPSec encapsulates content at the IP level, and the IP level
    does not include MAC addresses.

    If there is any way to get at the MAC address in PIX 6.x, it would have
    to be via RADIUS or TACACS+ -- I don't know what information is
    potentially available for them. It doesn't matter in PIX 6.x
    as RADIUS and TACACS+ cannot be used for IP selection in PIX 6.x.

    PIX 7.0 does not appear to support EAP or LEAP authentication.
    It does support LDAP; I don't know if LDAP carries the MAC as one
    of the attributes. I wouldn't -expect- IP addresses to be selectable
    that way anyhow.
     
    Walter Roberson, Feb 7, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GVB
    Replies:
    1
    Views:
    2,873
    Martin Bilgrav
    Feb 6, 2004
  2. Replies:
    1
    Views:
    558
    Walter Roberson
    Jun 14, 2005
  3. Svenn
    Replies:
    3
    Views:
    755
    Svenn
    Mar 13, 2006
  4. DarkoN
    Replies:
    0
    Views:
    722
    DarkoN
    Oct 10, 2006
  5. ttripp
    Replies:
    5
    Views:
    2,270
    Thrill5
    Feb 5, 2010
Loading...

Share This Page