[strongSwan] Framed-Ip-Address not sent to client?
Laurens Vets
laurens at daemon.be
Mon Apr 18 06:03:56 CEST 2016
Hello list,
I have a strongSwan setup with a Freeradius backend. Currently, only
authentication with Radius works. I've now set up Freeradius to also
give out ip addresses via Framed-Ip-Address. This seems to according to
the Radius logs.
When I change "rightsourceip=10.0.0.0/24" to "rightsourceip=%radius",
strongSwan is still giving out ip addresses from that initial pool
instead of using the Framed-Ip-Address (they are different subnets):
Apr 18 03:52:35 irkalla charon: 11[IKE] peer requested virtual IP %any
Apr 18 03:52:35 irkalla charon: 11[CFG] reassigning offline lease to
'USERNAME'
Apr 18 03:52:35 irkalla charon: 11[IKE] assigning virtual IP 10.0.0.1
to peer 'USERNAME'
Apr 18 03:52:35 irkalla charon: 11[IKE] peer requested virtual IP %any6
Apr 18 03:52:35 irkalla charon: 11[IKE] no virtual IP found for %any6
requested by 'USERNAME'
Apr 18 03:52:35 irkalla charon: 11[IKE] CHILD_SA iOS-radius{21}
established with SPIs c06aea1d_i 05378192_o and TS 0.0.0.0/0 ===
10.0.0.1/32
Any idea what I might be missing?
More information about the Users
mailing list