OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: buzzd on August 07, 2022, 07:27:32 PM

Title: RADIUS User authentication through ipsec tunnel
Post by: buzzd on August 07, 2022, 07:27:32 PM
Hello,

the topic isn't new and already marked as solved as one can see here:

https://forum.opnsense.org/index.php?topic=11357.msg51419#msg51419

but I am struggling to configure it. I don't get how to add the WAN IP to the IPsec SA. Is anyone able to point me in the right direction?

Thanks in advance
BuzzD
Title: Re: RADIUS User authentication through ipsec tunnel
Post by: mimugmail on August 07, 2022, 10:28:10 PM
You create a new SA, a Phase 2, with your WAN IP with /32 as the local network and the RADIUS network as the remote.
Title: Re: RADIUS User authentication through ipsec tunnel
Post by: buzzd on August 08, 2022, 07:33:08 PM
Thanks a lot. I still see some weird behavior. When I create a new SA with my IP with /32 as local, I get the error:

can't install route for  x.x.x.x === y.y.y.y out, conflicts with IKE traffic

Since I have a /30 public IP, I changed my local IP to /30. Now it's working like a charm. Not sure if that behavior is wanted.

Anyway, I really appreciate your help.

BuzzD