PIX Firewall MAC address VPN IP address
Would it be possible for a PIX 515e to have IP address reservation for the
VPN users based on the MAC address of the remote user?
Re: PIX Firewall MAC address VPN IP address
In article <DwXFf.50831$HW3.email@example.com>,
Julian Dragut <firstname.lastname@example.org> wrote:
>Would it be possible for a PIX 515e to have IP address reservation for the
>VPN users based on the MAC address of the remote user?
Not in PIX 6.x, and I would think it unlikely in PIX 7.0.
IPSec encapsulates content at the IP level, and the IP level
does not include MAC addresses.
If there is any way to get at the MAC address in PIX 6.x, it would have
to be via RADIUS or TACACS+ -- I don't know what information is
potentially available for them. It doesn't matter in PIX 6.x
as RADIUS and TACACS+ cannot be used for IP selection in PIX 6.x.
PIX 7.0 does not appear to support EAP or LEAP authentication.
It does support LDAP; I don't know if LDAP carries the MAC as one
of the attributes. I wouldn't -expect- IP addresses to be selectable
that way anyhow.
|All times are GMT. The time now is 01:15 PM.|
Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.