[Openswan Users] IP address assignment through xl2tpd

alet at librelogiciel.com alet at librelogiciel.com
Sun Dec 5 03:26:59 EST 2010


On Thu, Dec 02, 2010 at 11:49:03PM -0500, Paul Wouters wrote:
> On Thu, 2 Dec 2010, alet at librelogiciel.com wrote:
> >Currently my Openswan + xl2tpd gateway assigns IP addresses to clients
> >in a specific range.
> >
> >For a particular client, for which I must create some very specific
> >filtering rules, I'd like xl2tpd to always assign the same IP address.
> >
> >So I'm planning to reduce the "ip range" in xl2tpd.conf to not include
> >this particular IP address, but then how do I configure xl2tpd to have a
> >second lns section which only applies to a particular client, known at
> >connection time only by a specific PAP username and X.509 certificate
> >(unfortunately the client IP address will vary) ?
> You can specify this in /etc/ppp/chap-secrets. So in xl2tpd.conf you put:
> ip range =
> then for your user, you put in chap-secrets:
> paul           *       "password"    
> *               paul   "password"    

Unfortunately we use PAP and not CHAP, and in addition we ensure users
login through pppd's radius plugin, not through /etc/ppp/*-secrets

Sorry to not have said this in my previous message.

So I've created a particular username in our Radius configuration, but I
don't see how to associate an IP address with an username.

Any other idea ?


Jerome Alet

More information about the Users mailing list