[Openswan Users] Any way to restrict a particular user group to an IP range

Janantha Marasinghe janantha at techcert.lk
Mon Jun 22 22:55:43 EDT 2009

Hi Paul,

Thanks! I came across this too as I was reading your book Its a great
book! Many thanks!

Paul Wouters wrote:
> On Mon, 22 Jun 2009, Janantha Marasinghe wrote:
>> My current setup is Openswan, Xl2tpd. My problem is described
>> below. Say for example you have different users belonging to
>> different orgs connecting to the same VPN server. Please note
>> that the users will be dynamic Road warriors. I'm wondering
>> whether there is a way to give certain IP ranges to certain user
>> groups rather than giving IP addresses from the same range.
>> Thanks a lot for the support
> Yes. in /etc/ppp/chap-secrets you can do things like:
> # client    server    secret            IP addresses paul        *
> password john        *    password
> marketing    *    password
> You can even hand out specific IP's
> Paul

More information about the Users mailing list