VPN concentrator and reserve specific ip to a user

I have got Cisco VPN concentrator 3030 at work , it is working fine.

I have got mobile PC (with Cisco PC client ) that is looking to access its correspondent server in the DMZ area (192.168.101.204) at work 's network, through VPN concentrator.

How can i assigned a specific ip address from internal pool (10.2.2.1-10.2.2.10) for that mobile PC ,,,the reason I am doing that to reserve the specific private ip address for that mobile PC

We use safeword Token for authentication

How can I configure that on VPN ?

On PIX, I have got no problem to configure ACL from inside to DMZ.
Back to top


I have been advised to read the "admin guide", in link below :
http://www.cisco.com/en/US/product [...] f96c.shtml

under the heading below:

What I did as follow :
http://img204.imageshack.us/img204/7306/vpnpooleu1.jpg

1- I modified the existing current group (see my VPN figure ) to be from range 10.2.2.1-10.2.2.9 instead of 10.2.2.1-10.2.2.10
2- Create another group called : " mobile_users "
3- Create a user called : " commuter "
4- Assign the user " commuter " to the group " mobile_user "
5- Assign ip address 10..2.2.2 to the user " commuter "

6- In the cisco site that I have posted , it syas: tick option for " User address from Authentication Server ",,,,I do not think this will apply to me (right now we use AD for authentication) ?

I am using production box, I have to assure that the modification above (off peack time) does not screw up the whole system