I have successfully integrated VPN ikev2 with eap-radius authentication mode. I’m using mikrotik radius as radius server. When a user connect to the VPN server, he will get an private ip from the pool as expected, and all connectivity through VPN running well.
If i take a look on the user manager, the user address is empty. I have trying with different vpn protocols (sstp, l2tp, openvpn), user manager able to catch the user address IPs.
I have checked the radius, and accouting feature was enabled. Did i miss something?
Here is my ikev2 configuration
2026-02-06 09:49:17 by RouterOS 7.20.7 model = CCR1009-7G-1C-1S+ /ip ipsec policy group add name=group1-ikev2 /ip ipsec profile set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5 add dh-group=ecp256,modp2048,modp1024 dpd-interval=2m enc-algorithm= aes-256,aes-128 name=profile1-ikev2 /ip ipsec proposal add enc-algorithms=aes-128-cbc lifetime=1d name=asyst pfs-group=modp2048 add auth-algorithms=sha256,sha1 enc-algorithms=aes-256-cbc,aes-128-cbc lifetime=1h name=proposal1-ikev2 pfs-group=none /ip pool add name=pool-ovpn-lintas ranges=10.0.8.10-10.0.9.254 /ip ipsec mode-config add address-pool=pool-ovpn-lintas address-prefix-length=32 name=cfg1-ikev2 split-include="10.20.0.0/16,10.30.0.0/16,10.40.0.0/16,10.51.0.0/16,10.154. 14.0/24,172.25.207.0/24,172.30.6.0/24,183.23.35.128/28" static-dns= 10.20.30.60,8.8.8.8 system-dns=no /ip ipsec identity add generate-policy=port-strict peer=asyst add auth-method=eap-radius certificate=server-LA-ikev2 generate-policy= port-strict mode-config=cfg1-ikev2 peer=peer-ikev2 policy-template-group= group1-ikev2 /ip ipsec settings set interim-update=1m /ppp aaa set use-radius=yes /radius add address=xxx require-message-auth=no service=ppp,ipsec timeout=300ms /radius incoming set accept=yes
Thank you.