On Mon, 28 Apr 2014, Wolfgang Nothdurft wrote:
for one of our customers we need user defined pools with xauth.
Because we don't want to use pam or radius for xauth, I have extended the
configuration with file based authentication.
You can optional add an ip address or ip pool at the end of each passwd
entry. (see patch attached)
user:password:connection[:ip or from-to ip range]
I don't know if this scenario is wanted by others.
You could just use the native address pool:
rightaddresspool=10.11.12.1-10.11.12-254
This has additonal benefits like remembering the ID of the remote and
attempting to re-issue the same IP so if a phone switches from wifi to
3G it will get the same IP address and hopefully the existing
connections won't break.
Paul
(but use the git version of that code as we made some changes in the
last few days)
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
