[Openswan Users] Any way to restrict a particular user group to an IP range
Janantha Marasinghe
janantha at techcert.lk
Mon Jun 22 22:55:43 EDT 2009
Hi Paul,
Thanks! I came across this too as I was reading your book Its a great
book! Many thanks!
Paul Wouters wrote:
> On Mon, 22 Jun 2009, Janantha Marasinghe wrote:
>
>> My current setup is Openswan, Xl2tpd. My problem is described
>> below. Say for example you have different users belonging to
>> different orgs connecting to the same VPN server. Please note
>> that the users will be dynamic Road warriors. I'm wondering
>> whether there is a way to give certain IP ranges to certain user
>> groups rather than giving IP addresses from the same range.
>> Thanks a lot for the support
>
> Yes. in /etc/ppp/chap-secrets you can do things like:
>
> # client server secret IP addresses paul *
> password 192.168.1.0/24 john * password
> 192.168.1.0/24 marketing * password 192.168.2.0/24
>
> You can even hand out specific IP's
>
> Paul
>
More information about the Users
mailing list