DialUp IPSec VPN - Assign IP From SAML Group

Forum|Forum|26 days ago
May 14, 2026
2 replies
45 views

I have an DialUp VPN with Entra ID Auth. IP Assignment via IP Range.

I want to assign different ranges to different users based in their Group memberships.

I found CLI Option "set assign-ip-from usrgrp".

Is it possible to use this or any other option to archive this behaviour?

AEK

SuperUser

If I remember well this can be done only with a RADIUS server.

AEK

funkylicious

SuperUser

another option would be to create a separate IPsec tunnel for each group with the help of Local ID defined/configured to differentiate between them if using IKEv1 or Network ID if using IKEv2 and EMS or manually editing the xml config file :(

"jack of all trades, master of none"

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded