Xauth with ias and ip, dns attributes



  • Hello all,

    I checked in the forum if some previous posts could help me, but didn’t find the correct answers.
    I’m running a ssg 520 screenos 6.0r3 and an ias2003

    I’ve correctly followed a kb of juniper and configured the ssg to get the authentification on the ias.
    I’ve configured 3 ip pool on the rras (integrated to work the ias)
    I’ve multiple groups with different kind of access.

    How the ias or the rras can give ip from a specified pool, dns etc to the dialup client?
    Or do i need to configure the framed pool with the name of an ippool of the ssg?

    Thnx,

    Ben



  • i would use frame pool to accomplish this, currently in screenos you can only have 1 ip pool per 1 vpn.

    to get framepool working (undocumented) best to stick w/ 5.4 and above

    on the radius you have to have framed ip of 255.255.255.254 and the name of the ip pool thats on the firewall via Framed Pool (attribute 88)

    Joe


 

36
Online

38.4k
Users

12.7k
Topics

44.5k
Posts