Chris Knipe wrote:
Hi,
Just a quick question - especially valid in regards to VPN (L2TP / PPTP).
I know this will depend solely on the NAS, but considering a normal *nix
pppd process, and a windows based RAS client... Is it at all possible to
get PPP to assign static routes to the CLIENT during the authentication
process?
Not in-band i.e. via PPP.
There are various ways to do it with login scripts and such, but they're
very very offtopic for this list.
OpenVPN can do it, but its radius support is somewhat weak at the moment.
Let's say I have a DMZ with 10/8 and 20/8 used for addressing. A client
connects to a VPN server on a.b.c.d Unless I tell the client to use the
VPN as a Default Gateway, the client will not have routes to route 10/8
and 20/8 over the VPN link... What needs to be done to tell Windows this?
Sure, I know I can always add these routes manually, but I'm trying to
avoid it :)
Just a general q... Sorry for OT
In my experience, most people just check the "use default gateway" and
be done with it. Given PPTP is "no longer strategic" for microsoft, much
of the features which later protocols obtained e.g. split tunnelling,
which is the proper name for what you're seeking, never materialised.
Given how crappy PPTP is, that's probably a good thing...
Regards,
Chris.
- List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
