diff options
| author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-02-17 10:35:49 +0000 |
|---|---|---|
| committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2023-02-17 10:35:49 +0000 |
| commit | 27928236fcd67a0d710e163d7a3cb381a7f700c1 (patch) | |
| tree | 50c4ef0f0bad26b0198d7fb03c102bda65b8d525 | |
| parent | b91956f02d8621b7eecd7f54b42d1b4cb63937e4 (diff) | |
| download | vyos-1x-27928236fcd67a0d710e163d7a3cb381a7f700c1.tar.gz vyos-1x-27928236fcd67a0d710e163d7a3cb381a7f700c1.zip | |
T5005: PPPoE server allow any login with option noauth
Disabling authentication is useful in emergency situations
(e.g. RADIUS server is down) or testing purposes.
Clients can connect with any login and username.
set service pppoe-server authentication mode 'noauth'
| -rw-r--r-- | data/templates/accel-ppp/pppoe.config.j2 | 10 | ||||
| -rw-r--r-- | interface-definitions/include/accel-ppp/auth-mode.xml.i | 8 | ||||
| -rw-r--r-- | interface-definitions/service-ipoe-server.xml.in | 24 |
3 files changed, 16 insertions, 26 deletions
diff --git a/data/templates/accel-ppp/pppoe.config.j2 b/data/templates/accel-ppp/pppoe.config.j2 index 811c4ccc0..dd53edd28 100644 --- a/data/templates/accel-ppp/pppoe.config.j2 +++ b/data/templates/accel-ppp/pppoe.config.j2 @@ -30,6 +30,11 @@ syslog=accel-pppoe,daemon copy=1 level=5 +{% if authentication.mode is vyos_defined("noauth") %} +[auth] +noauth=1 +{% endif %} + {% if snmp.master_agent is vyos_defined %} [snmp] master=1 @@ -133,7 +138,10 @@ pado-delay={{ pado_delay_param.value }} called-sid={{ authentication.radius.called_sid_format }} {% endif %} -{% if authentication.mode is vyos_defined("local") %} +{% if authentication.mode is vyos_defined("local") or authentication.mode is vyos_defined("noauth") %} +{% if authentication.mode is vyos_defined("noauth") %} +noauth=1 +{% endif %} {% if client_ip_pool.name is vyos_defined %} {% for pool, pool_config in client_ip_pool.name.items() %} {% if pool_config.subnet is vyos_defined %} diff --git a/interface-definitions/include/accel-ppp/auth-mode.xml.i b/interface-definitions/include/accel-ppp/auth-mode.xml.i index c1a87cfe3..ccaed6f04 100644 --- a/interface-definitions/include/accel-ppp/auth-mode.xml.i +++ b/interface-definitions/include/accel-ppp/auth-mode.xml.i @@ -10,11 +10,15 @@ <format>radius</format> <description>Use RADIUS server for user autentication</description> </valueHelp> + <valueHelp> + <format>noauth</format> + <description>Authentication disabled</description> + </valueHelp> <constraint> - <regex>(local|radius)</regex> + <regex>(local|radius|noauth)</regex> </constraint> <completionHelp> - <list>local radius</list> + <list>local radius noauth</list> </completionHelp> </properties> <defaultValue>local</defaultValue> diff --git a/interface-definitions/service-ipoe-server.xml.in b/interface-definitions/service-ipoe-server.xml.in index ca4929249..ebe99d3aa 100644 --- a/interface-definitions/service-ipoe-server.xml.in +++ b/interface-definitions/service-ipoe-server.xml.in @@ -117,29 +117,7 @@ <help>Client authentication methods</help> </properties> <children> - <leafNode name="mode"> - <properties> - <help>Authetication mode</help> - <completionHelp> - <list>local radius noauth</list> - </completionHelp> - <constraint> - <regex>(local|radius|noauth)</regex> - </constraint> - <valueHelp> - <format>local</format> - <description>Authentication based on local definition</description> - </valueHelp> - <valueHelp> - <format>radius</format> - <description>Authentication based on a RADIUS server</description> - </valueHelp> - <valueHelp> - <format>noauth</format> - <description>Authentication disabled</description> - </valueHelp> - </properties> - </leafNode> + #include <include/accel-ppp/auth-mode.xml.i> <tagNode name="interface"> <properties> <help>Network interface for client MAC addresses</help> |