IKEv2 EAP-RADIUS + group authentication



  • Hi,

    We'd like to replace our legacy Cisco ASA IKEv1 VPN.
    Actually, we authenticate user using a radius backend + group name and mutual PSK to access VPN. Depending of their groups, we chose to annonce certain networks instead of others.

    Example
    Sales group, authenticated with a PSK, has access to network A and B
    Tech group, also authenticated with a PSK, has access to network B and C

    Is there a way to reproduce this using PFSense + IKEv2 EAP-RADIUS ?