Hi,
for the talk he gave at BSDCan IIRC. I don't need to use RADIUS just a
local authentication database. It is in the base and it seems very
easy
to configure.
It is.
Is anybody running similar setup in production? Any caveats? Any other
advises before I take a plunge.
Yes I am, with Windows, Mac, Linux and OpenBSD clients connecting.
Very easy to configure (linux being the exception :p).
You only need to change npppd.conf, npppd-users and ipsec.conf and you
are in business.
I wrote an up-to-date guide on how to do it, let me know if you want a
copy.
Caveats... yes.
I'm currently seeing issues with some clients (might be a client
software issue) sending multiple connect requests.
The ip-address reserved for the client is being assigned to the first
request, but it seems like the last request "wins", but alas! no
ip-address available (since it was assigned to the first request).
But then again, I have some Windows clients connected for more than 2
weeks non-stop, before they disconnect (prob. a Windows update wanting
to reboot ;) ).
--
bsv