Hello, I aim at setting up an IPsec tunnel between an IPsec client and an IPsec Gateway using IKEv2 and EAP-TLS for authentication. I am using freeradius as RADIUS server, and the authentication is working well. Currently the Gateway is assigning an IP address from a specific pool to the IKEv2 client.
However I'd like the RADIUS server to assign this IP address and send it within the Access-Accept in the Framed-IP-Address attribute (to avoid configuring the IPsec Gateway with the tunnel address). I saw that FreeRADIUS has several IP Pool modules which have the ability to assign dynamic IP address to RADIUS sessions types where the NAS has control over the the users IP, however not for Ethernet. Is there a way (e.g. using DHCP) to assign an IP address to the Ipsec client and send it the Access-Accept in the Framed-IP-Address attribute? Best regards, Laurence
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
