IPSec Mobile User System Logs
I apologies in advance if I do not have the necessary knowledge for racoon and Mobile IPSEC via PFSENSE.
PFSENSE ver. 1.2.3 RC-1
I do prefer IPSEC over PPTP, but from a monitoring perspective it seems to be harder to monitor who are the users logged in via Mobile IPSEC. Users have a User FQDN assigned to them, but when I review the logs I don't see their credentials, another thing is that when a PPTP user connects it's assigned an IP address, which I can use to connect remotely to their system if needed.
- Is this achievable in IPSEC ?
- Does the IPSEC mobile client receive an IP ?
With Mobile IPSec, you generally hardcode a client's IP address in the client configuration, so you'll have some idea of which one is which.
If you have the Dashboard package installed, I've fixed it so the IPSec status widget properly shows the status of mobile clients which are connected. It will list the peer IP address as well as the VPN IP address for the client. Unfortunately, as far as I can tell there is no way to see which client is which based on the identifier. I'd really like the ability to match them up that way as well.
I'd say you should check out OpenVPN, but I don't think that it has a means of getting that sort of information either, at least on 1.2.x.