We want to integrate the Cisco VPN
for the test scenario it is working very good, but for production we need to send a "Group-Policy" Attribute
"Group-Policy" attribute is a Cisco VPN-related VSAs, identified by RADIUS vendor ID 3076 #25
(from the Cisco Documentation):
Group-Policy |
Y |
25 |
String |
Single |
Sets the group policy for the remote access VPN session. For Versions 8.2.x and later, use this attribute instead of IETF-Radius-Class. You can use one of the following formats:
|
I can send the IETF-Radius-Class (Class) attribute with the result specification in the Radius Policy:
Class / groups / cn\Wpolicy_* / {groups} (send the group that begins with policy_, eg cn=policy_im,ou=,....) that works, but since Version 8.2.x we should send the "Group-Policy" attribute instead.
but how can I send the group in the Vendor specific attribute 3076#25? (we need that in the production environment to match group to specific ip-range with vpn)
regards
claus