[VPN] Cisco 3000 VPN Concentrators and RADIUS -- Assigned IPs
David Goldsmith
dgoldsmith at sans.org
Mon Feb 24 16:19:12 EST 2003
If I create a 'Local' user on a Cisco 3000 Concentrator, I can assign it a
specific IP address. The problem is there is a limited number of local
users/groups that can be created on the device.
If I create a 'Local' group that is authenticated via an external RADIUS
server, I have an unlimited number of clients, but I have not found a way
to assign static IPs. I've only been able to have them use the dynamically
assigned pool.
Q1) Can you configure a RADIUS server to hand back an IP address with the
approved authentication request.
Q2) We are using FreeRADIUS on Linux with a MySQL backend tied to the
CryptoCard admin software. Assuming the answer to Q1 was yes, is
it possible to do it under this specific configuration?
Thanks,
Dave Goldsmith
More information about the VPN
mailing list