[Openswan Users] Any way to restrict a particular user group to an IP range
Paul Wouters
paul at xelerance.com
Mon Jun 22 10:09:59 EDT 2009
On Mon, 22 Jun 2009, Janantha Marasinghe wrote:
> My current setup is Openswan, Xl2tpd. My problem is described below.
> Say for example you have different users belonging to different orgs
> connecting to the same VPN server. Please note that the users will be
> dynamic Road warriors. I'm wondering whether there is a way to give
> certain IP ranges to certain user groups rather than giving IP addresses
> from the same range. Thanks a lot for the support
Yes. in /etc/ppp/chap-secrets you can do things like:
# client server secret IP addresses
paul * password 192.168.1.0/24
john * password 192.168.1.0/24
marketing * password 192.168.2.0/24
You can even hand out specific IP's
Paul
More information about the Users
mailing list