[Openswan Users] MODECFG

Marcus Leech mleech at nortel.com
Thu Feb 17 15:23:39 CET 2005


I noticed that in the MODECFG code, client-side address allocation is 
only done
  if you have the XAUTH_PAM code loaded.  Why is that?

Also, is it possible to use MODECFG, but still authenticate the end-user
  with certificates?

It seems to me that the get_internal_addresses() code could reasonably 
have other
  allocation strategies than going through PAM, like DHCP, or a 
configuration
  file containing an "address pool".




More information about the Users mailing list