[Openswan Users] IP address assignment through xl2tpd
alet at librelogiciel.com
alet at librelogiciel.com
Sun Dec 5 03:26:59 EST 2010
Hi,
On Thu, Dec 02, 2010 at 11:49:03PM -0500, Paul Wouters wrote:
> On Thu, 2 Dec 2010, alet at librelogiciel.com wrote:
>
> >Currently my Openswan + xl2tpd gateway assigns IP addresses to clients
> >in a specific range.
> >
> >For a particular client, for which I must create some very specific
> >filtering rules, I'd like xl2tpd to always assign the same IP address.
> >
> >So I'm planning to reduce the "ip range" in xl2tpd.conf to not include
> >this particular IP address, but then how do I configure xl2tpd to have a
> >second lns section which only applies to a particular client, known at
> >connection time only by a specific PAP username and X.509 certificate
> >(unfortunately the client IP address will vary) ?
>
> You can specify this in /etc/ppp/chap-secrets. So in xl2tpd.conf you put:
>
> ip range = 193.111.228.100-193.111.228.199
>
> then for your user, you put in chap-secrets:
>
> paul * "password" 193.111.228.99
> * paul "password" 193.111.228.99
Unfortunately we use PAP and not CHAP, and in addition we ensure users
login through pppd's radius plugin, not through /etc/ppp/*-secrets
Sorry to not have said this in my previous message.
So I've created a particular username in our Radius configuration, but I
don't see how to associate an IP address with an username.
Any other idea ?
TIA
Jerome Alet
More information about the Users
mailing list