[Openswan Users] Difference between l2tp and rp-l2tp

Jacco de Leeuw jacco2 at dds.nl
Wed Jan 26 00:23:44 CET 2005


sasa wrote:

>>No, this is not the equivalent. L2tpd can assign IP addresses, but
>>rp-l2tp cannot. Unless rp-l2tp gets help from a RADIUS or DHCP plugin.
> 
> 
> ..therefore I am forced to use a DHCP server? Is there another way?

Or RADIUS. Or Samba / Windows Server (via the Winbind plugin). Or LDAP.
Or (perhaps) any PAM module (via the PAM plugin).

>>>section peer
>>>peer 10.0.0.200
> 
> I am sorry but I have not understood .. in this way the VPN client is
> assigned the address 10.0.0.200?

No, this line does not assign the virtual IP address. Sorry for the confusion.
These 'peer' lines indicate what clients are allowed to connect. So generally
you will want to set this to 'peer 0.0.0.0' with a separate line 'mask 0'.
The virtual IP addresses are actually assigned in the 'lns-pppd-opts' line:

lns-pppd-opts "debug refuse-pap require-chap 10.0.0.200:10.0.0.37 ...etc."

This will work only with one particular client (should be OK for testing).
When you decide that you do want to use multiple clients, you will need
a plugin. You add this plugin and remove the static client IP address:

lns-pppd-opts "debug refuse-pap require-chap 10.0.0.200: plugin radius.so ...etc."

This is standard PPP stuff, so we are starting to get a little bit
off-topic here.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
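
Added example, not part of the original message and not rp-l2tp's own code: a small Python check that reads the directives quoted above and reports which source addresses the 'peer' section admits and whether 'lns-pppd-opts' pins one client address or leaves assignment to a plugin. The sample text is constructed; the default mask of 32 and the '#' comment handling are assumptions.

```python
import ipaddress
import re
import shlex

# Constructed sample, built only from the directives quoted in the message.
SAMPLE_STATIC = '''
lns-pppd-opts "debug refuse-pap require-chap 10.0.0.200:10.0.0.37"
section peer
peer 0.0.0.0
mask 0
'''
SAMPLE_PLUGIN = SAMPLE_STATIC.replace("10.0.0.200:10.0.0.37", "10.0.0.200: plugin radius.so")

ADDR_PAIR = re.compile(r"^([\d.]*):([\d.]*)$")  # pppd "local:remote" option

def audit(conf_text):
    """Summarise who may connect and how client IP addresses are assigned."""
    report = {"peers": [], "remote_ip": None, "plugins": []}
    peer = None
    def flush():
        if peer and "addr" in peer:
            # Assumption: a peer without a 'mask' line matches one host (/32).
            net = ipaddress.ip_network(f"{peer['addr']}/{peer['mask']}", strict=False)
            report["peers"].append(str(net))
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blanks and comment lines
            continue
        key, *args = shlex.split(line)
        if key == "section":
            flush()
            peer = {"mask": 32} if args == ["peer"] else None
        elif key == "peer" and peer is not None and args:
            peer["addr"] = args[0]
        elif key == "mask" and peer is not None and args:
            peer["mask"] = int(args[0])
        elif key == "lns-pppd-opts" and args:
            opts = args[0].split()
            for i, opt in enumerate(opts):
                m = ADDR_PAIR.match(opt)
                if m and m.group(2):  # a remote address after ':' is static
                    report["remote_ip"] = m.group(2)
                if opt == "plugin" and i + 1 < len(opts):
                    report["plugins"].append(opts[i + 1])
    flush()
    report["mode"] = "static" if report["remote_ip"] else "plugin" if report["plugins"] else "none"
    return report
```

A result of `0.0.0.0/0` under `peers` together with mode `static` is the single-client test setup described in the message; mode `plugin` is the multi-client form.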