diff options
| author | hagbard-01 <39653662+hagbard-01@users.noreply.github.com> | 2019-07-31 16:24:18 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-31 16:24:18 -0700 |
| commit | a2463a19790aca536465ac0cc6c7079a47356271 (patch) | |
| tree | ee5edcd03f5af897d195b596e2587ad961d3936d | |
| parent | 93767c0fe4b87327b18ddd4aecb540596d38aaf1 (diff) | |
| parent | 6781c4f1f38aed2bbf69ef4d3a8c92eea3946b17 (diff) | |
| download | vyos-1x-a2463a19790aca536465ac0cc6c7079a47356271.tar.gz vyos-1x-a2463a19790aca536465ac0cc6c7079a47356271.zip | |
Merge pull request #95 from DmitriyEshenko/l2tp
T1555 Implementation shared-secret for LNS. Implementation command di…
| -rw-r--r-- | interface-definitions/l2tp-server.xml | 18 | ||||
| -rwxr-xr-x | src/conf_mode/accel_l2tp.py | 15 |
2 files changed, 32 insertions, 1 deletions
diff --git a/interface-definitions/l2tp-server.xml b/interface-definitions/l2tp-server.xml index 797e5a812..d5b6a921b 100644 --- a/interface-definitions/l2tp-server.xml +++ b/interface-definitions/l2tp-server.xml @@ -67,6 +67,24 @@ </leafNode> </children> </node> + <node name="lns"> + <properties> + <help>L2TP Network Server (LNS)</help> + </properties> + <children> + <leafNode name="shared-secret"> + <properties> + <help>Tunnel password used to authenticate the client (LAC)</help> + </properties> + </leafNode> + </children> + </node> + <leafNode name="ccp-disable"> + <properties> + <help>Disable Compression Control Protocol (CCP)</help> + <valueless /> + </properties> + </leafNode> <node name="ipsec-settings"> <properties> <help>Internet Protocol Security (IPsec) for remote access L2TP VPN</help> diff --git a/src/conf_mode/accel_l2tp.py b/src/conf_mode/accel_l2tp.py index 5f0546d63..3a224974e 100755 --- a/src/conf_mode/accel_l2tp.py +++ b/src/conf_mode/accel_l2tp.py @@ -89,6 +89,9 @@ mppe={{authentication['mppe']}} {% if outside_addr %} bind={{outside_addr}} {% endif %} +{% if lns_shared_secret %} +secret={{lns_shared_secret}} +{% endif %} [client-ip-range] 0.0.0.0/0 @@ -117,10 +120,13 @@ chap-secrets=/etc/accel-ppp/l2tp/chap-secrets verbose=1 check-ip=1 single-session=replace -{% if idle_timeout%} +{% if idle_timeout %} lcp-echo-timeout={{idle_timeout}} {% endif %} lcp-echo-interval=30 +{% if ccp_disable %} +ccp=0 +{% endif %} {% if authentication['mode'] == 'radius' %} [radius] @@ -383,6 +389,13 @@ def get_config(): if c.exists('idle'): config_data['idle_timeout'] = c.return_value('idle') + ### LNS secret + if c.exists('lns shared-secret'): + config_data['lns_shared_secret'] = c.return_value('lns shared-secret') + + if c.exists('ccp-disable'): + config_data['ccp_disable'] = True + return config_data def verify(c): |