- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
assign static IP addresses to users connecting tunnel-mode SSL VPN
Hello to all
I will appreciate having your assistance to find the best practice to assign static IP addresses to users connecting tunnel-mode SSL VPN.
my customer asks that each SSL VPN user must always get the same unique IP address which is never assigned to any other user.
I try to find the answer in
FortiOSâ„¢ Handbook - Authentication
http://docs.fortinet.com/uploaded/files/1937/fortigate-authentication-52.pdf
FortiOSâ„¢ Handbook - SSL VPN
http://docs.fortinet.com/uploaded/files/3603/fortigate-sslvpn-56.pdf
but I cant's find any explanation how to do it
Thank you for your help
Best Regards
Hillel Kobrovski
- Labels:
-
Identity & Access Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
does anybody know if using RADIUS authentication with special VSA ( Vendor Specific Attribute ) can help me solve the problem?
where can I find formal best practice instructions how to implement this kind of configuration with Microsoft Radius (IAS)?
page 22-23 from " FortiOSâ„¢ Handbook - Authentication "
FortiOS supported RADIUS attributes
RADIUS attribute-value pairs
RADIUS packets include a set of attribute-value pairs (AVP) to identify information about the user, their location
and other information. The FortiGate unit sends the following RADIUS attributes.
Radius Attribute #4 | Name = Framed-IP-Address | Description = Address to be configured for the user | AVP Type = 8
Thank You for your help
Best Regards
Hillel Kobrovski
