Hm. I can't seem to get npppd to map users to static addresses in the
npppd-users file, after trying various permutations of "pool-address
##-## <for static>" and such. The client is an iPhone running iOS 6.0,
and is definitely able to set up a working vpn over l2tp/ipsec with
the npppd server (many thx, btw), but the client is then always
assigned a random address from the pool (and never the static one,
incidentally... but that could just be chance).
Did I screw something up in the configuration or has this particular
feature not been implemented yet? Has anyone else had troubles with
this?
(By the way, the daemon goes absolutely bananas if you use a
"framed-ip-address" on a different subnet than those in the pool.
Bananas! I don't recommend this error. ^^)
----------------------------------------
/etc/npppd/npppd-users
----------------------------------------
turnip:\
:password=[...]:\
:framed-ip-address=172.16.2.2:
----------------------------------------
/etc/npppd/npppd.conf
----------------------------------------
authentication LOCAL type local {
users-file "/etc/npppd/npppd-users"
}
tunnel L2TP_ipv4 protocol l2tp {
listen on 0.0.0.0
}
tunnel L2TP_ipv6 protocol l2tp {
listen on ::
}
ipcp IPCP {
pool-address 172.16.2.2-172.16.2.6
dns-servers 172.16.2.1
}
interface pppx0 address 172.16.2.1 ipcp IPCP
bind tunnel from L2TP_ipv4 authenticated by LOCAL to pppx0
bind tunnel from L2TP_ipv6 authenticated by LOCAL to pppx0
----------------------------------------
/etc/ipsec.conf
----------------------------------------
ike passive esp transport \
proto udp from pppoe0 to any port 1701 \
main auth "hmac-sha1" enc "3des" group modp1024 \
quick auth "hmac-sha1" enc "aes" \
psk [...]
----------------------------------------
(npppd -d) output
3:15:21:NOTICE: Load configuration from='/etc/npppd/npppd.conf' successfully.
3:15:21:INFO: pppx0 Started pppx
3:15:21:INFO: Listening /var/run/npppd_ctl (npppd_ctl)
3:15:21:INFO: ipcp=IPCP pool
dyn_pool=[172.16.2.2/31,172.16.2.4/31,172.16.2.6/32]
pool=[172.16.2.2/31,172.16.2.4/31,172.16.2.6/32]
3:15:21:INFO: Loading pool config successfully.
3:15:21:INFO: l2tpd Listening 0.0.0.0:1701/udp (L2TP LNS) [L2TP_ipv4]
3:15:21:INFO: l2tpd Listening [::]:1701/udp (L2TP LNS) [L2TP_ipv6]
3:15:37:NOTICE: l2tpd ctrl=1 logtype=Started RecvSCCRQ
from=[...]:65293/udp tunnel_id=1/28 protocol=1.0 winsize=4
hostname=Elephant-Triumph vendor=(no vendorname) firm=0000
3:15:37:INFO: l2tpd ctrl=1 SendSCCRP
3:15:38:INFO: l2tpd ctrl=1 RecvSCCN
3:15:38:INFO: l2tpd ctrl=1 SendZLB
3:15:38:INFO: l2tpd ctrl=1 call=24105 RecvICRQ session_id=362
3:15:38:INFO: l2tpd ctrl=1 call=24105 SendICRP session_id=24105
3:15:39:INFO: l2tpd ctrl=1 call=24105 RecvICCN session_id=362
calling_number= tx_conn_speed=1000000 framing=async
3:15:39:NOTICE: l2tpd ctrl=1 call=24105 logtype=PPPBind ppp=0
3:15:39:INFO: ppp id=0 layer=base logtype=Started tunnel=L2TP_ipv4([...]:65293)
3:15:39:INFO: l2tpd ctrl=1 call=24105 SendZLB
3:15:42:INFO: ppp id=0 layer=lcp logtype=Opened mru=1360/1360
auth=MS-CHAP-V2 magic=[...]/[...]
3:15:43:INFO: ppp id=0 layer=chap proto=mschap_v2 logtype=Success
username="radish" realm=LOCAL
3:15:44:INFO: ppp id=0 layer=ipcp IP Address peer=0.0.0.0 our=172.16.2.6.
3:15:44:INFO: ppp id=0 layer=base unhandled protocol ipv6cp, 32855(8057)
3:15:45:INFO: ppp id=0 layer=ccp CCP is stopped
3:15:45:INFO: ppp id=0 layer=ipcp logtype=Opened ip=172.16.2.6
assignType=dynamic
3:15:45:NOTICE: ppp id=0 layer=base logtype=TUNNELSTART user="turnip"
duration=6sec layer2=L2TP_ipv4 layer2from=[...]:65293 auth=MS-CHAP-V2
ip=172.16.2.6 iface=pppx0
3:15:45:NOTICE: ppp id=0 layer=base Using pipex=yes
--
Drew
