I've got an interesting problem with current VPN setup.
Setup is VPN concentrator with public and external interface terminating all VPN connections.
Currently there is are 5 users (general managers) who use PPTP to connect to the network from anywhere. They connect through the public interface from the internet to the VPN concentrator and are authenticated by an internal MS IAS server. I now have numerous users who want to use IPSec VPN terminating on the external interface. Whilst testing, the admin who looks after the IAS server is unable to determine which connection the tunnel request is coming from, i.e. whether it's a PPTP user accessing via the internet or an IPSec user accessing via the private IP network.
Is there anyway that on the initial access-request RADIUS message that I can pass the client IP address so I can determine whether it's a PPTP tunnel or an IPSec tunnel? Or if I can pass anything to the internal IAS server to distinguish where the connection orginates?
Reason for this is that they currently only have one remote acces group configured internally and don't want anyone who will be given IPSec access to get PPTP access by default.
Re: IAS server authenticating multiple tunnel types
I don't know of anyway to do that and have a feeling that you'll have to end up setting the PPTP users to the local database on your concentrator, or use cisco's ACS server inorder to get that kind of granularity.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...