Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Static IP address asignment for IPSec mobile clients

B

baltazar_gabka last edited by
Is it possible to assign static IP address to specific client in FreeRADIUS for IPSec Mobile clients?

I tried "Framed-IP-Address = 10.0.0.100" however that does not work.
```
"testuser" Auth-Type = googleauth

	MOTP-Init-Secret = XXXXXXXXXXXXXXXX,
	MOTP-PIN = XXXXXX,
	MOTP-Offset = 0,
	Framed-IP-Address = 10.0.0.100
```
Reply Quote 0
1 Reply Last reply
jimp Rebel Alliance Developer Netgate last edited by

Yes but at the moment you can only do that if you:

1. Empty out the mobile client subnet entered in the Virtual Address Pool box (VPN > IPsec, Mobile tab)
2. Assign a static IP address to every user

We're working on a way to have it prefer radius and fail back to a local pool if needed, see https://redmine.pfsense.org/issues/8160
Reply Quote 0
1 Reply Last reply
NogBadTheBad Galactic Empire last edited by

The following works for me after doing step 1

"test-user" Cleartext-Password := "XXXXXXXXXXXXXXX", Simultaneous-Use := "1", Expiration := "Jan 01 2020", NAS-Identifier == strongSwan

Framed-IP-Address = 172.16.9.254,
Framed-IP-Netmask = 255.255.255.0,
Framed-Route = "0.0.0.0/0 172.16.0.1 1",

Remember the Simultaneous-Use := "1" if your giving them a fixed IP.

https://forum.pfsense.org/index.php?topic=130715.0
Reply Quote 0
1 Reply Last reply

3
Posts

159
Views

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy

1 / 1