Problemers using Freeradius with Anyconnect..

Thomas Raabo - ZitCom A/S tr at zitcom.dk
Tue Sep 28 12:12:57 CEST 2010


Omg...

What a typo! :(

Been looking blind at this for like 4 hours... wow

Med venlig hilsen | Best regards
Thomas Raabo
Netværksansvarlig




tr at zitcom.dk | Direkte: +45 69 10 60 18 | Tlf: +45 70 23 55 66


-----Original Message-----
From: freeradius-users-bounces+tr=zitcom.dk at lists.freeradius.org [mailto:freeradius-users-bounces+tr=zitcom.dk at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: 28. september 2010 12:03
To: FreeRadius users mailing list
Subject: Re: Problemers using Freeradius with Anyconnect..

Thomas Raabo - ZitCom A/S wrote:
> The problem is that when I use Freeradius the ASA just don’t seem to 
> get the framed-ip-address or something… ( when we try to connect with
> anyconnect it gives the error    host or network is 0) with IAS the
> right ip gets assigned and all just works

  You have configured FreeRADIUS to send back the wrong IP address.

  IAS is sending "...129".  FreeRADIUS is sending "....128".  The reason "128" doesn't work is that it's not a valid IP address for the network you configured.

  Change the configuration to make FreeRADIUS send back the same IP as IAS.

  RADIUS isn't complicated.  You can make the Access-Accept from FreeRADIUS identical to the Access-Accept from IAS.  Once that happens, the NAS will do the same thing for both servers.

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list