Source interface for RADIUS auth traffic
-
Hmm, interesting. Yeah I really would not expect that to be routable anywhere. You should not be able to add that in AWS IMO.
The security implications are probably low given it's only a single IP.
Glad you found a solution. That sort of thing worries me though. AWS might decide to make that non-routable (correctly) in the future and that would then break it.
Steve
-
@stephenw10
The AWS side will likely propagate whatever you advertise to it, because I manage both ends and that's just how the virtual private gateway works in AWS.
I guess there might be a slight risk here, but hopefully AWS won't make a change that rejects these routes.
Of course, ideally I hope that pfSense will allow the source to be configured in a future release of the OS. As far as I know, other firewall vendors are able to do so.
/Thomas