I have Freeradius 1.0 port on FreeBSD 4.10. I'm using it to authenticate
our VPN connections from a PIX 525. The radius server is located inside of
our internal network, and it is authenticating (per the logs) fine, but when
the VPN tunnel using Cisco VPN 4.60 is connected, the remote client cannot
see, or connect to any internal machine, either in our DMZ or Internal
Subnet.
We use group authentication on the vpn client.
I have tried several users configs:

user1   Auth-Type := EAP, User-Password == "password1"
        Cisco-AVPair += "ip:inacl#1=deny icmp any any",
        Cisco-AVPair += "ip:inacl#2=permit ip any any"

user2   Auth-Type := Local, User-Password == "password2"
        Filter-Id = "vpngroup"

wli     Auth-Type := Local, User-Password == "test123ing"
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-Routing = Broadcast-Listen,
        Framed-Filter-Id = "std.ppp",
        Framed-MTU = 1500,
        Framed-Compren = Van-Jacobsen-TCP-IP

test    Auth-Type := Local, User-Password == "test"
        Service-Type = Framed-User,
        Filter-Id = "vpngroup"

I feel like I am losing it.
Sincerely,
Shawn Saunders