We are using vpn concentrator for RAS vpn and authenticate users by means of X.509 certificates with RADIUS authorization (without XAUTH authentication). We have one vpngroup configured localy on vpn 3005 concentrator and by means of RADIUS AV pairs I change some configuration parameters like split-tunnel configuration. I would like to also force some users to use XAUTH by means of IPSec-Authentication RADIUS av pair. But if I try to send this AV pair during authorization phase it seems that vpn concentrator ignore it. I guess that this is because authorization phase goes after authentication and concentrator is unable to restart XAUTH. So my questions is whether I could use IPSec-Authentication av pair this way or not. Any information would be appreciated.
Thank you very much for you help and excuse my English.