USG: IPSEC modeconfig and radius questons
Options
Hello, I'm using USG40 as a server (=main office) with roaming customers,
- Can I use modeconfig pushing from server in any other scenario except "Remote Access" scenario? I want to allow users to access main office internal network and do not capture customers default route.
- I [can] use Radius for authentificating IPSEC users (tried with IKE1, but sure IKE2/EAP will work too). Can I pass IP address for modeconfig via radius? What can I pass from Raduis to IPSEC server as Authorization info at all? Is there a document that describes that (and raduis dictonary)?
Thanks.
- I [can] use Radius for authentificating IPSEC users (tried with IKE1, but sure IKE2/EAP will work too). Can I pass IP address for modeconfig via radius? What can I pass from Raduis to IPSEC server as Authorization info at all? Is there a document that describes that (and raduis dictonary)?
Thanks.
0
Accepted Solution
-
I have similar scenario on my environment.
As I know, the mode config only support when phase 2 select Remote Access. All VPN clients can access internal network. Not sure you mean do not capture customers default route.
The IP address are assigned from USG(Mode config) could not assign IP by Radius(authentication only)5
All Replies
-
I have similar scenario on my environment.
As I know, the mode config only support when phase 2 select Remote Access. All VPN clients can access internal network. Not sure you mean do not capture customers default route.
The IP address are assigned from USG(Mode config) could not assign IP by Radius(authentication only)5 -
Thanks. Very pity to hear that radius can be used for Authentification but not for Authorization...
0
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight