<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFCC" text="#000000">
Would using ClientID be possible?<br>
<br>
<div class="moz-cite-prefix">On 09/02/2016 16:42, David Elliott
wrote:<br>
</div>
<blockquote
cite="mid:CAHC8QkfDfbqQ4RCz=PjRObHwaNjWK+1iwVJw0vmRBrQ58ngtxA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>Desired outcome: Assign same IP address to a VPN client by
hostname every time.<br>
</div>
<div><br>
</div>
<div>Situation: The Cisco ASA VPN firewall does pass the
hostname in the DHCP Discover, but does not provide the VPN
client's MAC address (it provides the Cisco ASA MAC adress).</div>
<div><br>
</div>
<div>What happens: The PCIVWS01 client gets correct ip address
172.16.147.131 first time (and it is written in LEASES file).
Second time the VPN client connected, it got DIFFERENT
address: 172.16.147.105. Third time it got 172.16.147.151. </div>
<div><br>
</div>
<div>What I tried: I commented out the lease for 172.16.147.131
in the /var/lib/dhcp/dhcpd.leases fileand restarted dhcpd
service, and the PCIVWS01 VPN client got 172.16.147.131 again!</div>
<div><br>
</div>
<div><br>
</div>
<div>What must I do so hostname PCIVWS01 always gets
172.16.147.131 ?</div>
<div><br>
</div>
<div>========= dhcpd.conf (with example comments
removed)==================</div>
<div>ddns-update-style none;</div>
<div><br>
</div>
<div># option definitions common to all supported networks...</div>
<div>option domain-name "<a moz-do-not-send="true"
href="http://lifeway.org">lifeway.org</a>";</div>
<div>option domain-name-servers 172.16.41.24, 172.16.41.32;</div>
<div><br>
</div>
<div>default-lease-time 86400;</div>
<div>max-lease-time 604800;</div>
<div><br>
</div>
<div>log-facility local7;</div>
<div><br>
</div>
<div>subnet 172.16.46.30 netmask 255.255.255.255 {</div>
<div>}</div>
<div><br>
</div>
<div>subnet 172.17.10.0 netmask 255.255.254.0 {</div>
<div><span class="" style="white-space:pre"> </span>## dhcp
start and end IP range ##</div>
<div><span class="" style="white-space:pre"> </span># Test SAND
environment</div>
<div><span class="" style="white-space:pre"> </span>authoritative;</div>
<div> range 172.17.10.76 172.17.10.199;</div>
<div><span class="" style="white-space:pre"> </span>option
subnet-mask 255.255.254.0;</div>
<div><span class="" style="white-space:pre"> </span>option
broadcast-address 172.17.10.255;</div>
<div><span class="" style="white-space:pre"> </span>option
routers 172.17.10.1;</div>
<div><br>
</div>
<div> host test-Elliott-Lenovo {</div>
<div> hardware ethernet 00:26:18:23:D1:F6;</div>
<div> fixed-address 172.17.10.100;</div>
<div> } </div>
<div>}</div>
<div># Classes to specify Ridgecrest PCIClient VPN clients</div>
<div>class "PCIVRC01"{</div>
<div>match if substring (option host-name, 0,8)="PCIVRC01";</div>
<div>}</div>
<div>class "PCIVRC02"{</div>
<div>match if substring (option host-name, 0,8)="PCIVRC02";</div>
<div>}</div>
<div>class "PCIVRC03"{</div>
<div>match if substring (option host-name, 0,8)="PCIVRC03";</div>
<div>}</div>
<div>class "PCIVRC04"{</div>
<div>match if substring (option host-name, 0,8)="PCIVRC04";</div>
<div>}</div>
<div>class "PCIVRC05"{</div>
<div>match if substring (option host-name, 0,8)="PCIVRC05";</div>
<div>}</div>
<div>class "TESTRCC"{</div>
<div>match if substring (option host-name, 0,9)="A00014061";</div>
<div>}</div>
<div>class "PCIVRCXX"{</div>
<div>match if substring (option host-name, 0,6)="PCIVRC";</div>
<div>spawn with option host-name;</div>
<div>}</div>
<div>#</div>
<div>class "PCIVWS01"{</div>
<div>match if substring (option host-name, 0,8)="PCIVWS01";</div>
<div>}</div>
<div>class "PCIVWS02"{</div>
<div>match if substring (option host-name, 0,8)="PCIVWS02";</div>
<div>}</div>
<div>class "PCIVWS03"{</div>
<div>match if substring (option host-name, 0,8)="PCIVWS03";</div>
<div>}</div>
<div>class "PCIVWS04"{</div>
<div>match if substring (option host-name, 0,8)="PCIVWS04";</div>
<div>}</div>
<div>class "PCIVWS05"{</div>
<div>match if substring (option host-name, 0,8)="PCIVWS05";</div>
<div>}</div>
<div>#class "TESTWS"{</div>
<div>#match if substring (option host-name, 0,8)="A00014061";</div>
<div>#}</div>
<div>class "PCIVWSXX"{</div>
<div>match if substring (option host-name, 0,6)="PCIVWS";</div>
<div>spawn with option host-name;</div>
<div>}</div>
<div><br>
</div>
<div><br>
</div>
<div>subnet 172.16.147.0 netmask 255.255.255.0 {</div>
<div> # PCI VPN Client</div>
<div> authoritative;</div>
<div> #range 172.16.147.64 172.16.147.127;</div>
<div> option subnet-mask 255.255.255.0;</div>
<div> option broadcast-address 172.17.147.255;</div>
<div> option routers 172.16.147.50;</div>
<div> # Specifically named PCIVRC - Ridgecrest PCIVPN clients
get these reserved addresses</div>
<div> pool {</div>
<div> allow members of "PCIVRC01";</div>
<div> range 172.16.147.51 172.16.147.51;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVRC02";</div>
<div> range 172.16.147.52 172.16.147.52;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVRC03";</div>
<div> range 172.16.147.53 172.16.147.53;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVRC04";</div>
<div> range 172.16.147.54 172.16.147.54;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVRC05";</div>
<div> range 172.16.147.55 172.16.147.55;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "TESTRCC";</div>
<div> range 172.16.147.63 172.16.147.63;</div>
<div> }</div>
<div># Any PCIVRC - Ridgecrest PCIVPN clients get these
addresses</div>
<div> pool {</div>
<div> allow members of "PCIVRCXX";</div>
<div> range 172.16.147.64 172.16.147.127;</div>
<div> }</div>
<div># Specifically named PCIVWS - WordSearch PCIVPN clients get
these reserved addresses</div>
<div> pool {</div>
<div> allow members of "PCIVWS01";</div>
<div> range 172.16.147.131 172.16.147.131;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVWS02";</div>
<div> range 172.16.147.132 172.16.147.132;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVWS03";</div>
<div> range 172.16.147.133 172.16.147.133;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVWS04";</div>
<div> range 172.16.147.134 172.16.147.134;</div>
<div> }</div>
<div> pool {</div>
<div> allow members of "PCIVWS05";</div>
<div> range 172.16.147.135 172.16.147.135;</div>
<div> }</div>
<div># pool {</div>
<div># allow members of "TESTWS";</div>
<div># range 172.16.147.149 172.16.147.149;</div>
<div># }</div>
<div># Any PCIVWS - WordSearch PCIVPN clients get these
addresses</div>
<div> pool {</div>
<div> allow members of "PCIVWSXX";</div>
<div> range 172.16.147.150 172.16.147.179;</div>
<div> }</div>
<div>}</div>
<div><br>
</div>
<div>=============LEASES============================</div>
<div><br>
</div>
<div>root@lwydhcpndcp01:/var/lib/dhcp# more dhcpd.leases</div>
<div># The format of this file is documented in the
dhcpd.leases(5) manual page.</div>
<div># This lease file was written by isc-dhcp-4.1-ESV-R4</div>
<div><br>
</div>
<div>lease 172.16.147.63 {</div>
<div> starts 3 2016/02/03 12:16:57;</div>
<div> ends 3 2016/02/03 19:05:55;</div>
<div> tstp 3 2016/02/03 19:05:55;</div>
<div> cltt 3 2016/02/03 12:16:57;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-A0001406137-Trusted\000";</div>
<div>}</div>
<div>lease 172.16.147.64 {</div>
<div> starts 3 2015/11/25 16:07:14;</div>
<div> ends 3 2015/11/25 16:09:14;</div>
<div> tstp 3 2015/11/25 16:09:14;</div>
<div> cltt 3 2015/11/25 16:07:14;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-A000140612-Trusted\000";</div>
<div> client-hostname "A00014061";</div>
<div>}</div>
<div>lease 172.16.147.65 {</div>
<div> starts 1 2015/11/30 14:31:25;</div>
<div> ends 1 2015/11/30 14:33:25;</div>
<div> tstp 1 2015/11/30 14:33:25;</div>
<div> cltt 1 2015/11/30 14:31:25;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-A000140613-Trusted\000";</div>
<div> client-hostname "A00014061";</div>
<div>}</div>
<div>lease 172.16.147.66 {</div>
<div> starts 1 2015/11/30 19:43:57;</div>
<div> ends 1 2015/11/30 19:45:57;</div>
<div> tstp 1 2015/11/30 19:45:57;</div>
<div> cltt 1 2015/11/30 19:43:57;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-A0001406110-Trusted\000";</div>
<div> client-hostname "A00014061";</div>
<div>}</div>
<div>lease 172.16.147.67 {</div>
<div> starts 2 2015/12/01 22:23:21;</div>
<div> ends 2 2015/12/01 22:25:21;</div>
<div> tstp 2 2015/12/01 22:25:21;</div>
<div> cltt 2 2015/12/01 22:23:21;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-A0001406125-Trusted\000";</div>
<div> client-hostname "A00014061";</div>
<div>}</div>
<div>lease 172.16.147.68 {</div>
<div> starts 1 2015/12/14 18:20:41;</div>
<div> ends 1 2015/12/14 18:47:04;</div>
<div> tstp 1 2015/12/14 18:47:04;</div>
<div> cltt 1 2015/12/14 18:20:41;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid
"\000cisco-001b.d5e8.eb93-A0001406126-PCIClientVPN-147\000";</div>
<div>}</div>
<div>lease 172.16.147.69 {</div>
<div> starts 1 2015/12/14 18:47:55;</div>
<div> ends 1 2015/12/14 19:07:06;</div>
<div> tstp 1 2015/12/14 19:07:06;</div>
<div> cltt 1 2015/12/14 18:47:55;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid
"\000cisco-001b.d5e8.eb93-A0001406127-PCIClientVPN-147\000";</div>
<div>}</div>
<div>lease 172.16.147.70 {</div>
<div> starts 1 2015/12/14 19:07:52;</div>
<div> ends 1 2015/12/14 19:09:32;</div>
<div> tstp 1 2015/12/14 19:09:32;</div>
<div> cltt 1 2015/12/14 19:07:52;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid
"\000cisco-001b.d5e8.eb93-A0001406128-PCIClientVPN-147\000";</div>
<div>}</div>
<div>lease 172.16.147.71 {</div>
<div> starts 1 2015/12/21 19:07:55;</div>
<div> ends 2 2015/12/22 05:08:20;</div>
<div> tstp 2 2015/12/22 05:08:20;</div>
<div> cltt 1 2015/12/21 19:07:55;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid
"\000cisco-001b.d5e8.eb93-A0001406129-PCIClientVPN-147\000";</div>
<div>}</div>
<div>lease 172.16.147.131 {</div>
<div> starts 1 2016/02/08 16:00:43;</div>
<div> ends 1 2016/02/08 18:04:35;</div>
<div> tstp 1 2016/02/08 18:04:35;</div>
<div> cltt 1 2016/02/08 16:00:43;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-PCIVWS0138-Trusted\000";</div>
<div>}</div>
<div>lease 172.17.10.76 {</div>
<div> starts 2 2015/09/01 20:52:14;</div>
<div> ends 3 2015/09/02 19:57:43;</div>
<div> tstp 3 2015/09/02 19:57:43;</div>
<div> cltt 2 2015/09/01 20:52:14;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:26:18:23:d1:f6;</div>
<div> uid "\001\000&\030#\321\366";</div>
<div>}</div>
<div>lease 172.17.10.77 {</div>
<div> starts 1 2016/02/08 12:57:11;</div>
<div> ends 2 2016/02/09 12:57:11;</div>
<div> cltt 1 2016/02/08 12:57:11;</div>
<div> binding state active;</div>
<div> next binding state free;</div>
<div> hardware ethernet 00:50:56:9c:1a:1a;</div>
<div> client-hostname "ubuntu-1204-kln";</div>
<div>}</div>
<div>server-duid "\000\001\000\001\035x\310\335\000PV\220\327|";</div>
<div><br>
</div>
<div>lease 172.16.147.150 {</div>
<div> starts 1 2016/02/08 18:11:55;</div>
<div> ends 2 2016/02/09 18:11:55;</div>
<div> cltt 1 2016/02/08 18:11:55;</div>
<div> binding state active;</div>
<div> next binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-PCIVWS0139-Trusted\000";</div>
<div> client-hostname "PCIVWS01";</div>
<div>}</div>
<div>lease 172.16.147.150 {</div>
<div> starts 1 2016/02/08 18:11:55;</div>
<div> ends 1 2016/02/08 18:20:58;</div>
<div> tstp 1 2016/02/08 18:20:58;</div>
<div> cltt 1 2016/02/08 18:11:55;</div>
<div> binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-PCIVWS0139-Trusted\000";</div>
<div>}</div>
<div>lease 172.16.147.151 {</div>
<div> starts 1 2016/02/08 18:21:58;</div>
<div> ends 2 2016/02/09 18:21:58;</div>
<div> cltt 1 2016/02/08 18:21:58;</div>
<div> binding state active;</div>
<div> next binding state free;</div>
<div> hardware ethernet 00:1b:d5:e8:eb:93;</div>
<div> uid "\000cisco-001b.d5e8.eb93-PCIVWS0140-Trusted\000";</div>
<div> client-hostname "PCIVWS01";</div>
<div>}</div>
<div>root@lwydhcpndcp01:/var/lib/dhcp#</div>
<div><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
dhcp-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/dhcp-users">https://lists.isc.org/mailman/listinfo/dhcp-users</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
</pre>
</body>
</html>