From 6781c4f1f38aed2bbf69ef4d3a8c92eea3946b17 Mon Sep 17 00:00:00 2001 From: DmitriyEshenko Date: Wed, 31 Jul 2019 23:00:08 +0000 Subject: T1555 Implementation shared-secret for LNS. Implementation command disabling ccp. --- interface-definitions/l2tp-server.xml | 18 ++++++++++++++++++ src/conf_mode/accel_l2tp.py | 15 ++++++++++++++- 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/interface-definitions/l2tp-server.xml b/interface-definitions/l2tp-server.xml index 797e5a812..d5b6a921b 100644 --- a/interface-definitions/l2tp-server.xml +++ b/interface-definitions/l2tp-server.xml @@ -67,6 +67,24 @@ + + + L2TP Network Server (LNS) + + + + + Tunnel password used to authenticate the client (LAC) + + + + + + + Disable Compression Control Protocol (CCP) + + + Internet Protocol Security (IPsec) for remote access L2TP VPN diff --git a/src/conf_mode/accel_l2tp.py b/src/conf_mode/accel_l2tp.py index 5f0546d63..3a224974e 100755 --- a/src/conf_mode/accel_l2tp.py +++ b/src/conf_mode/accel_l2tp.py @@ -89,6 +89,9 @@ mppe={{authentication['mppe']}} {% if outside_addr %} bind={{outside_addr}} {% endif %} +{% if lns_shared_secret %} +secret={{lns_shared_secret}} +{% endif %} [client-ip-range] 0.0.0.0/0 @@ -117,10 +120,13 @@ chap-secrets=/etc/accel-ppp/l2tp/chap-secrets verbose=1 check-ip=1 single-session=replace -{% if idle_timeout%} +{% if idle_timeout %} lcp-echo-timeout={{idle_timeout}} {% endif %} lcp-echo-interval=30 +{% if ccp_disable %} +ccp=0 +{% endif %} {% if authentication['mode'] == 'radius' %} [radius] @@ -383,6 +389,13 @@ def get_config(): if c.exists('idle'): config_data['idle_timeout'] = c.return_value('idle') + ### LNS secret + if c.exists('lns shared-secret'): + config_data['lns_shared_secret'] = c.return_value('lns shared-secret') + + if c.exists('ccp-disable'): + config_data['ccp_disable'] = True + return config_data def verify(c): -- cgit v1.2.3