RADIUS User authentication through ipsec tunnel

Started by buzzd, August 07, 2022, 07:27:32 PM

Hello,

the topic isn't new and already marked as solved as one can see here:

https://forum.opnsense.org/index.php?topic=11357.msg51419#msg51419

but I struggle to configure it. I don't get how to add the WAN IP to IPSEC SA. Anyone able to lead me into the right direction?

Thanks in advance
BuzzD

You create a new SA, a Phase 2, with your WAN IP with /32 as the local network and the network of the RADIUS server as remote.

Thanks a lot. I still have a weird behavior. When I create a new SA with my IP with /32 as local, I get the error:

can't install route for  x.x.x.x === y.y.y.y out, conflicts with IKE traffic

Since I have a /30 public IP, I changed my local IP to /30. Now it's working like a charm. Not sure if that behavior is wanted.

Anyway, I really appreciate your help.

BuzzD