Assigned VPN IPs

Hello everyone.

I'm back again with another question for the veterans here. I have my first couple of test vpn users working now. I created a new ip segment for them 192.168.5.x and the traffic seems to be flowing fine for me but.....

My boss just called, he is working from home today and he was showing as connected when I looked in ADSM under the monitoring. But he said that he wasn't on his end. He would try and reconnect and I could see in the Syslog entries that were flying by that it wouldn't reconnect due to not being able to give him an IP.

I set up specific IPs for users just to try and keep things straight. I guess I really don't need to do that since there technically is an IP Pool on the ASA that is set up.

The question becomes, is there any huge reason to assign IPs to users or should I just let DHCP hand them out. If they lose there connection they would just get another one and the first would eventually time out and get recycled. The default setting it appears is to allow 3 connections at a time max.

TIA.

Humm... I don't see a huge reason that you could not assign static IP users. It would allow you to know who each user is by looking at their IP.

How many VPN users do you have? If you only have a few users then statically assigning wouldn't be that bad, but if you have 100s then it could be a problem.

There are only about 15 right now, so thats not the issue. The problem is that for some reason when my boss logs in, if his connection gets trashed (he's using wireless at home). He can't get reconnected. What I see in the syslog is that it can't assign him an IP and I thought it was because it had one assigned to him.

But I did some tests last night and early this morning and can't seem to duplicate that problem. I had it allow me back on up to the limit of 3 that is set by default.

So my initial thought was to remove the IPs and just let the traffic flow. But it would be nice to quickly see who is on as the syslog traffic flows by.