Community discussions

MUM Europe 2020
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

VPN only for radius

Sun Dec 17, 2017 2:36 am

Hello,
I'm looking for a solution to authenticate hotspot users via a DMA radius. I don't have static IP so i need a "tunnel", I can't make my ip static due to provider limits... so I configured a vpn but i want only the traffic for radius to pass through this tunnel the normal traffic passes from the local DSL connection there... Please can you help me?
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
mistry7
Forum Guru
Forum Guru
Posts: 1358
Joined: Tue Oct 13, 2009 11:57 am
Location: Germany

Re: VPN only for radius

Sun Dec 17, 2017 10:25 am

whats about static routing?
 
pe1chl
Forum Guru
Forum Guru
Posts: 5985
Joined: Mon Jun 08, 2015 12:09 pm

Re: VPN only for radius

Sun Dec 17, 2017 1:18 pm

What is your VPN solution and how is it configured?
Try to remove any "set default route to this VPN" option.
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: VPN only for radius

Sun Dec 17, 2017 5:04 pm

This is my network topology. I have a simple pptp vpn
You do not have the required permissions to view the files attached to this post.
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: VPN only for radius

Sun Dec 17, 2017 5:17 pm

What is your VPN solution and how is it configured?
Try to remove any "set default route to this VPN" option.
my vpn is pptp if i remove add default route i can ping the gateway of vpn server but no the dma radius manager (192.168.90.119) it returns timeout, the same happens if i try to ping a host i.e. 192.168.88.153 it returns timeout
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: VPN only for radius

Sun Dec 17, 2017 6:20 pm

#UPDATE#
I can ping the radius server only if I specify the vpn interface under ping tool /ping 192.168.90.119 interface=VPN
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
pe1chl
Forum Guru
Forum Guru
Posts: 5985
Joined: Mon Jun 08, 2015 12:09 pm

Re: VPN only for radius

Sun Dec 17, 2017 9:16 pm

After you have removed the default, you should add a route to the subnet where your RADIUS server is, via the PPTP VPN.
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: VPN only for radius

Sun Dec 17, 2017 11:26 pm

After you have removed the default, you should add a route to the subnet where your RADIUS server is, via the PPTP VPN.
I'm trying to add route but no luck... can you help me?
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece
 
zakynthoswifi
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 74
Joined: Thu Jul 17, 2014 12:38 am
Location: Zakynthos
Contact:

Re: VPN only for radius

Tue Dec 19, 2017 12:09 pm

| SOLVED |
Ilias Theodosis
Network & Security Engineer
Cisco CCNA,CCNP,CCIE
Network Solutions Ltd.
Zakynthos, Greece

Who is online

Users browsing this forum: Google [Bot] and 64 guests