[Openswan Users] IPSEC over DHCP
Paul Wouters
paul at xelerance.com
Wed Sep 14 11:02:36 EDT 2011
On Wed, 14 Sep 2011, heta shah wrote:
> Anyone tell me how to configure IPSEC/L2TP over DHCP in ubuntu server for
> roadwarries client to connect to the server. If any document for that
> then please share with me.
There is no DHCP when using L2TP.
If you use xl2tpd, you can do IP assignment using /etc/ppp/chap-secrets
or you can use a pppd radius/ldap plugin to talk to a backend handing out
IP addresses.
Example xl2tpd IP handout:
/etc/xl2tpd/xl2tpd.conf:
[global]
listen-addr = 193.110.157.148
ipsec saref = yes
debug tunnel = yes
[lns default]
ip range = 10.1.2.16-10.1.2.48
local ip = 10.1.2.1
require chap = yes
refuse pap = yes
require authentication = yes
name = OpenswanVPN
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
/etc/ppp/chap-secrets:
# Secrets for authentication using PAP
# client server secret IP addresses
# paul gets static IP - outside the xl2tpd pool
paul * "password" 10.1.2.2
* paul "password" 10.1.2.2
# test gets IP from pool
test * "password" 10.1.2.16/27
* test "password" 10.1.2.2/27
Paul
More information about the Users
mailing list