IKEv2 EAP-RADIUS + group authentication
We'd like to replace our legacy Cisco ASA IKEv1 VPN.
Actually, we authenticate user using a radius backend + group name and mutual PSK to access VPN. Depending of their groups, we chose to annonce certain networks instead of others.
Sales group, authenticated with a PSK, has access to network A and B
Tech group, also authenticated with a PSK, has access to network B and C
Is there a way to reproduce this using PFSense + IKEv2 EAP-RADIUS ?