Ang: [VPN] Cisco 3000 VPN Concentrators and RADIUS -- Assigned IPs
hakan.palm at generic.se
hakan.palm at generic.se
Wed Feb 26 04:26:38 EST 2003
Dave,
have you tried the IP Address attribute, RADIUS attribute 8?
That should work. Just configure your RADIUS server to
return that attribute along with the rest of the attributes I guess
you have configured it to return upon a successful authentication
of the user.
Regards,
/Palm
dgoldsmith at sans.org
2003-02-25 21:28
Till: vpn at lists.shmoo.com @ INTERNET
Kopia: (Blank: Hakan Palm/Generic)
Ärende: [VPN] Cisco 3000 VPN Concentrators and RADIUS -- Assigned IPs
If I create a 'Local' user on a Cisco 3000 Concentrator, I can assign it a
specific IP address. The problem is there is a limited number of local
users/groups that can be created on the device.
If I create a 'Local' group that is authenticated via an external RADIUS
server, I have an unlimited number of clients, but I have not found a way
to assign static IPs. I've only been able to have them use the dynamically
assigned pool.
Q1) Can you configure a RADIUS server to hand back an IP address with the
approved authentication request.
Q2) We are using FreeRADIUS on Linux with a MySQL backend tied to the
CryptoCard admin software. Assuming the answer to Q1 was yes, is
it possible to do it under this specific configuration?
Thanks,
Dave Goldsmith
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
More information about the VPN
mailing list