[c-nsp] static addressing to vpnclients on asa-firewall vs freeradius

ghostonthewire ghostonthewire at gmail.com
Sun Aug 10 15:22:23 EDT 2008


hi, Arne.

Arne Larsen / Region Nordjylland wrote:
> Hi all
> I need some help regarding downloading static address to vpn clients on a asa-pix firewall.

I hope you mean "assigning"?

> Does anyone have a sample off how the user entry has to look, when I’m using a freeware radius server. Both on the asa and the radius server
> Is there a attribute list available somewhere
> 

I use PIX 515E + 8.x software with FreeRADIUS. Typical entry for 
assigning static address for remote vpn user is:

dn: uid=user,ou=users,dc=somecorp,dc=org
dialupAccess: 1
gidNumber: 100
homeDirectory: /some/dir/
mail: user at somecorp.org
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: radiusprofile
objectClass: posixAccount
uid: user
cn: John User
givenName: John User
radiusFramedIPAddress: 192.168.0.1
radiusFramedIPNetmask: 255.255.255.0
sn: User
uidNumber: 100
userPassword: somepassword


More information about the cisco-nsp mailing list