[Openswan Users] IP address assignment through xl2tpd
cnyegle at gmail.com
Sun Dec 5 03:53:20 EST 2010
You can assign IP from radius, check out FreeRadius's document
On Sunday, December 5, 2010, <alet at librelogiciel.com> wrote:
> On Thu, Dec 02, 2010 at 11:49:03PM -0500, Paul Wouters wrote:
>> On Thu, 2 Dec 2010, alet at librelogiciel.com wrote:
>> >Currently my Openswan + xl2tpd gateway assigns IP addresses to clients
>> >in a specific range.
>> >For a particular client, for which I must create some very specific
>> >filtering rules, I'd like xl2tpd to always assign the same IP address.
>> >So I'm planning to reduce the "ip range" in xl2tpd.conf to not include
>> >this particular IP address, but then how do I configure xl2tpd to have a
>> >second lns section which only applies to a particular client, known at
>> >connection time only by a specific PAP username and X.509 certificate
>> >(unfortunately the client IP address will vary) ?
>> You can specify this in /etc/ppp/chap-secrets. So in xl2tpd.conf you put:
>> ip range = 18.104.22.168-22.214.171.124
>> then for your user, you put in chap-secrets:
>> paul * "password" 126.96.36.199
>> * paul "password" 188.8.131.52
> Unfortunately we use PAP and not CHAP, and in addition we ensure users
> login through pppd's radius plugin, not through /etc/ppp/*-secrets
> Sorry to not have said this in my previous message.
> So I've created a particular username in our Radius configuration, but I
> don't see how to associate an IP address with an username.
> Any other idea ?
> Jerome Alet
> Users at openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users