Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Static IP address asignment for IPSec mobile clients

    Scheduled Pinned Locked Moved IPsec
    3 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      baltazar_gabka
      last edited by

      Is it possible to assign static IP address to specific client in FreeRADIUS for IPSec Mobile clients?

      I tried "Framed-IP-Address = 10.0.0.100" however that does not work.

      
"testuser" Auth-Type = googleauth

	MOTP-Init-Secret = XXXXXXXXXXXXXXXX,
	MOTP-PIN = XXXXXX,
	MOTP-Offset = 0,
	Framed-IP-Address = 10.0.0.100
      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Yes but at the moment you can only do that if you:

        1. Empty out the mobile client subnet entered in the Virtual Address Pool box (VPN > IPsec, Mobile tab)
        2. Assign a static IP address to every user

        We're working on a way to have it prefer radius and fail back to a local pool if needed, see https://redmine.pfsense.org/issues/8160

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • NogBadTheBadN
          NogBadTheBad
          last edited by

          The following works for me after doing step 1

          "test-user" Cleartext-Password := "XXXXXXXXXXXXXXX", Simultaneous-Use := "1", Expiration := "Jan 01 2020", NAS-Identifier == strongSwan

          Framed-IP-Address = 172.16.9.254,
          Framed-IP-Netmask = 255.255.255.0,
          Framed-Route = "0.0.0.0/0 172.16.0.1 1",

          Remember the Simultaneous-Use := "1" if your giving them a fixed IP.

          https://forum.pfsense.org/index.php?topic=130715.0

          Andy

          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.