summaryrefslogtreecommitdiff
path: root/interface-definitions/vpn-openconnect.xml.in
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions/vpn-openconnect.xml.in')
-rw-r--r--interface-definitions/vpn-openconnect.xml.in77
1 files changed, 75 insertions, 2 deletions
diff --git a/interface-definitions/vpn-openconnect.xml.in b/interface-definitions/vpn-openconnect.xml.in
index 8b60f2e6e..75c64a99a 100644
--- a/interface-definitions/vpn-openconnect.xml.in
+++ b/interface-definitions/vpn-openconnect.xml.in
@@ -8,6 +8,27 @@
<priority>901</priority>
</properties>
<children>
+ <node name="accounting">
+ <properties>
+ <help>Accounting for users OpenConnect VPN Sessions</help>
+ </properties>
+ <children>
+ <node name="mode">
+ <properties>
+ <help>Accounting mode used by this server</help>
+ </properties>
+ <children>
+ <leafNode name="radius">
+ <properties>
+ <help>Use RADIUS server for accounting</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ #include <include/radius-acct-server-ipv4.xml.i>
+ </children>
+ </node>
<node name="authentication">
<properties>
<help>Authentication for remote access SSL VPN Server</help>
@@ -50,6 +71,58 @@
</leafNode>
</children>
</node>
+ <node name="identity-based-config">
+ <properties>
+ <help>Include configuration file by username or RADIUS group attribute</help>
+ </properties>
+ <children>
+ #include <include/generic-disable-node.xml.i>
+ <leafNode name="mode">
+ <properties>
+ <help>Select per user or per group configuration file - ignored if authentication group is configured</help>
+ <completionHelp>
+ <list>user group</list>
+ </completionHelp>
+ <valueHelp>
+ <format>user</format>
+ <description>Match configuration file on username</description>
+ </valueHelp>
+ <valueHelp>
+ <format>group</format>
+ <description>Match RADIUS response class attribute as file name</description>
+ </valueHelp>
+ <constraint>
+ <regex>(user|group)</regex>
+ </constraint>
+ <constraintErrorMessage>Invalid mode, must be either user or group</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="directory">
+ <properties>
+ <help>Directory to containing configuration files</help>
+ <valueHelp>
+ <format>path</format>
+ <description>Path to configuration directory, must be under /config/auth</description>
+ </valueHelp>
+ <constraint>
+ <validator name="file-path" argument="--directory --parent-dir /config/auth --strict"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="default-config">
+ <properties>
+ <help>Default configuration if discrete config could not be found</help>
+ <valueHelp>
+ <format>filename</format>
+ <description>Default configuration filename, must be under /config/auth</description>
+ </valueHelp>
+ <constraint>
+ <validator name="file-path" argument="--file --parent-dir /config/auth --strict"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
<leafNode name="group">
<properties>
<help>Group that a client is allowed to select (from a list). Maps to RADIUS Class attribute.</help>
@@ -137,7 +210,7 @@
</tagNode>
</children>
</node>
- #include <include/radius-server-ipv4.xml.i>
+ #include <include/radius-auth-server-ipv4.xml.i>
<node name="radius">
<children>
#include <include/radius-timeout.xml.i>
@@ -150,7 +223,7 @@
</node>
</children>
</node>
- #include <include/listen-address-ipv4.xml.i>
+ #include <include/listen-address-ipv4-single.xml.i>
<leafNode name="listen-address">
<defaultValue>0.0.0.0</defaultValue>
</leafNode>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 09:44:55 +0000