From b074c9b48e299005ecbd3e66db438dddcba02813 Mon Sep 17 00:00:00 2001 From: Stephan de Wit Date: Mon, 29 Jan 2024 09:44:03 +0100 Subject: [PATCH] VPN: IPsec: small note about Radius usage in road warrior setups --- source/manual/vpnet.rst | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source/manual/vpnet.rst b/source/manual/vpnet.rst index 2b3d8b0..1fae25f 100644 --- a/source/manual/vpnet.rst +++ b/source/manual/vpnet.rst @@ -267,6 +267,12 @@ In case clients should be offered default settings, these can be configured from Pool options (Virtual IPvX Address Pool) on this page will be used by the legacy tunnel configuration only, when using the new connections module one may configure different pools per connection. +.. note:: + + If you are configuring Radius authentication using the new Connections module, make sure to select the relevant Radius servers + in :menuselection:`VPN -> IPsec -> Mobile Clients` under Radius (eap-radius). This pool of servers will be shared across + all connections. This option will not be visibile if you have legacy Radius authentication methods configured. + The examples section contains various options available in OPNsense. When using the new "connections" option available as of OPNsense 23.1, different `examples from Strongswan `__ are usually quite easy to implement as we follow the `swantcl.conf `__