[Openswan Users] IP address assignment through xl2tpd
yegle
cnyegle at gmail.com
Sun Dec 5 03:53:20 EST 2010
Hi,
You can assign IP from radius, check out FreeRadius's document
:-)
On Sunday, December 5, 2010, <alet at librelogiciel.com> wrote:
> Hi,
>
> On Thu, Dec 02, 2010 at 11:49:03PM -0500, Paul Wouters wrote:
>> On Thu, 2 Dec 2010, alet at librelogiciel.com wrote:
>>
>> >Currently my Openswan + xl2tpd gateway assigns IP addresses to clients
>> >in a specific range.
>> >
>> >For a particular client, for which I must create some very specific
>> >filtering rules, I'd like xl2tpd to always assign the same IP address.
>> >
>> >So I'm planning to reduce the "ip range" in xl2tpd.conf to not include
>> >this particular IP address, but then how do I configure xl2tpd to have a
>> >second lns section which only applies to a particular client, known at
>> >connection time only by a specific PAP username and X.509 certificate
>> >(unfortunately the client IP address will vary) ?
>>
>> You can specify this in /etc/ppp/chap-secrets. So in xl2tpd.conf you put:
>>
>> ip range = 193.111.228.100-193.111.228.199
>>
>> then for your user, you put in chap-secrets:
>>
>> paul * "password" 193.111.228.99
>> * paul "password" 193.111.228.99
>
> Unfortunately we use PAP and not CHAP, and in addition we ensure users
> login through pppd's radius plugin, not through /etc/ppp/*-secrets
>
> Sorry to not have said this in my previous message.
>
> So I've created a particular username in our Radius configuration, but I
> don't see how to associate an IP address with an username.
>
> Any other idea ?
>
> TIA
>
> Jerome Alet
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list