Hi,
I've got an interesting problem with current VPN setup.
The setup is VPN concentrator with public and external interface terminating all VPN connections.
Currently there is are 5 users (general managers) who use PPTP to connect to the network from anywhere. They connect through the public interface from the internet to the VPN concentrator and are authenticated by an internal MS IAS server. I now have numerous users who want to use IPSec VPN terminating on the external interface. Whilst testing, the admin who looks after the IAS server is unable to determine which connection the tunnel request is coming from, i.e. whether it's a PPTP user accessing via the internet or an IPSec user accessing via the private IP network.
Is there anyway that on the initial access-request RADIUS message that I can pass the client IP address so I can determine whether it's a PPTP tunnel or an IPSec tunnel? Or if I can pass anything to the internal IAS server to distinguish where the connection orginates? The IAS admin has tried to configure passing attribute 25 back to lock the users into an IPSec only or PPTP only group but hasn't been sucessful.
Reason for this is that they currently only have one remote acces group configured internally and don't want anyone who will be given IPSec access to get PPTP access by default.
Thanks in advance.
Gideon