From abcd7026efd8cbeb1c4db828788eda9a6dd2be41 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 18 Apr 2020 12:01:44 +0200 Subject: vpn: l2tp: pptp: sstp: rename files to common pattern --- interface-definitions/vpn-l2tp.xml.in | 562 ---------------------------------- interface-definitions/vpn-pptp.xml.in | 254 --------------- interface-definitions/vpn-sstp.xml.in | 410 ------------------------- interface-definitions/vpn_l2tp.xml.in | 562 ++++++++++++++++++++++++++++++++++ interface-definitions/vpn_pptp.xml.in | 254 +++++++++++++++ interface-definitions/vpn_sstp.xml.in | 410 +++++++++++++++++++++++++ 6 files changed, 1226 insertions(+), 1226 deletions(-) delete mode 100644 interface-definitions/vpn-l2tp.xml.in delete mode 100644 interface-definitions/vpn-pptp.xml.in delete mode 100644 interface-definitions/vpn-sstp.xml.in create mode 100644 interface-definitions/vpn_l2tp.xml.in create mode 100644 interface-definitions/vpn_pptp.xml.in create mode 100644 interface-definitions/vpn_sstp.xml.in (limited to 'interface-definitions') diff --git a/interface-definitions/vpn-l2tp.xml.in b/interface-definitions/vpn-l2tp.xml.in deleted file mode 100644 index d4286a810..000000000 --- a/interface-definitions/vpn-l2tp.xml.in +++ /dev/null @@ -1,562 +0,0 @@ - - - - - - - L2TP Virtual Private Network (VPN) - - - - - Remote access L2TP VPN - - - - - Maximum Transmission Unit (MTU) - - - - - - - - External IP address to which VPN clients will connect - - - - - - - - Gatway address uses as client tunnel termination point - - - - - - - - Domain Name Server (DNS) propagated to client - - ipv4 - Domain Name Server (DNS) IPv4 address - - - ipv6 - Domain Name Server (DNS) IPv6 address - - - - - - - - - - - L2TP Network Server (LNS) - - - - - Tunnel password used to authenticate the client (LAC) - - - - - - - Disable Compression Control Protocol (CCP) - - - - - - Internet Protocol Security (IPsec) for remote access L2TP VPN - - - - - IPsec authentication settings - - - - - Authentication mode for IPsec - - pre-shared-secret - Use pre-shared secret for IPsec authentication - - - x509 - Use X.509 certificate for IPsec authentication - - - (pre-shared-secret|x509) - - - pre-shared-secret x509 - - - - - - Pre-shared secret for IPsec - - - - - X.509 certificate - - - - - File containing the X.509 certificate for the Certificate Authority (CA) - - <text> - File in /config/auth - - - - - - File containing the X.509 Certificate Revocation List (CRL) - - <text> - File in /config/auth - - - - - - File containing the X.509 certificate for the remote access VPN server (this host) - - <text> - File in /config/auth - - - - - - File containing the private key for the X.509 certificate for the remote access VPN server (this host) - - <text> - File in /config/auth - - - - - - Password that protects the private key - - - - - - - - - IKE lifetime - - <30-86400> - IKE lifetime in seconds (default 3600) - - - - - - - - - ESP lifetime - - <30-86400> - IKE lifetime in seconds (default 3600) - - - - - - - - - - - Windows Internet Name Service (WINS) servers propagated to client - - ipv4 - Domain Name Server (DNS) IPv4 address - - - - - - - - - - Pool of client IP addresses (must be within a /24) - - - - - First IP address in the pool (will be used as gateway address) - - - - - - - - Last IP address in the pool - - - - - - - - Client IP subnet (CIDR notation) - - - - Not a valid CIDR formatted prefix - - ipv4net - IPv4 subnet address - - - - - - - - - Pool of client IPv6 addresses - - - - - Pool of addresses used to assign to clients - - ipv6net - IPv6 address and prefix length - - - - - - - - - Prefix length used for individual client - - <48-128> - Client prefix length (default: 64) - - - - - - - - - - - Subnet used to delegate prefix through DHCPv6-PD (RFC3633) - - ipv6net - IPv6 address and prefix length - - - - - - - - - Prefix length delegated to client - - <32-64> - Delegated prefix length - - - - - - - - - - - - - Description for L2TP remote-access settings - - - - - DHCP interface to listen on - - - - - PPP idle timeout - - <30-86400> - PPP idle timeout in seconds (default 1800) - - - - - - - - - Authentication for remote access L2TP VPN - - - - - Authentication protocol for remote access peer L2TP VPN - - pap - Require the peer to authenticate itself using PAP [Password Authentication Protocol]. - - - chap - Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. - - - mschap - Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. - - - mschap-v2 - Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2]. - - - (pap|chap|mschap|mschap-v2) - - - pap chap mschap mschap-v2 - - - - - - - Specifies mppe negotioation preference. (default require mppe 128-bit stateless - - deny - deny mppe - - - prefer - Ask client for mppe, if it rejects do not fail - - - require - ask client for mppe, if it rejects drop connection - - - (deny|prefer|require) - - - deny prefer require - - - - - - Authentication mode for remote access L2TP VPN - - local - Use local username/password configuration - - - radius - Use a RADIUS server to autenticate users - - - (local|radius) - - - local radius - - - - - - Local user authentication for remote access L2TP VPN - - - - - User name for authentication - - - - - Option to disable a L2TP Server user - - - - - - Password for authentication - - - - - Static client IP address - - - - - Upload/Download speed limits - - - - - Upload bandwidth limit in kbits/sec - - - - - - - - Download bandwidth limit in kbits/sec - - - - - - - - - - - - #include - - - - - - - Mark server unavailable for <n> seconds on failure - - 0-600 - Fail time penalty - - - - - Fail time must be between 0 and 600 seconds - - - - - - - Timeout to wait response from server (seconds) - - - - - Timeout to wait reply for Interim-Update packets. (default 3 seconds) - - - - - Maximum number of tries to send Access-Request/Accounting-Request queries - - - - - Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests. - - - - - IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA) - - - - - IP address for Dynamic Authorization Extension server (DM/CoA) - - - - - Port for Dynamic Authorization Extension server (DM/CoA) - - - - - Secret for Dynamic Authorization Extension server (DM/CoA) - - - - - - - Upload/Download speed limits - - - - - Specifies which radius attribute contains rate information. (default is Filter-Id) - - - - - Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius) - - - - - Enables Bandwidth shaping via RADIUS - - - - - - - - - - - - Advanced protocol options - - - - - LCP echo-requests/sec - - - - - - - - Maximum number of Echo-Requests may be sent without valid reply - - - - - - - - - - - - - - diff --git a/interface-definitions/vpn-pptp.xml.in b/interface-definitions/vpn-pptp.xml.in deleted file mode 100644 index 9636c3b39..000000000 --- a/interface-definitions/vpn-pptp.xml.in +++ /dev/null @@ -1,254 +0,0 @@ - - - - - - - Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN) - - - - - Remote access PPTP VPN - - - - - Maximum Transmission Unit (MTU) - - - - - - - - External IP address to which VPN clients will connect - - - - - - - - IPv4 Domain Name Service (DNS) server - - - - - Primary DNS server - - ipv4 - IPv4 address - - - - - - - - - Secondary DNS server - - ipv4 - IPv4 address - - - - - - - - - - - Windows Internet Name Service (WINS) server settings - - - - - Primary WINS server - - - - - - - - Secondary WINS server - - - - - - - - - - Pool of client IP addresses (must be within a /24) - - - - - First IP address in the pool (will be used as gateway address) - - - - - - - - Last IP address in the pool - - - - - - - - - - Gatway address uses as client tunnel termination point - - - - - - - - Authentication for remote access PPTP VPN - - - - - Authentication protocol for remote access peer PPTP VPN - - pap - Require the peer to authenticate itself using PAP [Password Authentication Protocol]. - - - chap - Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. - - - mschap - Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. - - - mschap-v2 - Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2]. - - - - - - Specifies mppe negotioation preference. (default require mppe 128-bit stateless - - deny - deny mppe - - - prefer - ask client for mppe, if it rejects do not fail - - - require - ask client for mppe, if it rejects drop connection - - - (deny|prefer|require) - - - deny prefer require - - - - - - Authentication mode for remote access PPTP VPN - - local - Use local username/password configuration - - - radius - Use a RADIUS server to autenticate users - - - (local|radius) - - - local radius - - - - - - Local user authentication for remote access PPTP VPN - - - - - User name for authentication - - - - - Option to disable a PPTP Server user - - - - - Password for authentication - - - - - Static client IP address - - - - - - - - - RADIUS specific configuration - - - - - IP address of radius server - - ipv4 - IP address of RADIUS server - - - - - - Key for accessing the specified server - - - - - Maximum number of simultaneous requests to server (default: unlimited) - - - - - If server does not responds mark it as unavailable for this time (seconds) - - - - - - - - - - - - - - - diff --git a/interface-definitions/vpn-sstp.xml.in b/interface-definitions/vpn-sstp.xml.in deleted file mode 100644 index b026417b3..000000000 --- a/interface-definitions/vpn-sstp.xml.in +++ /dev/null @@ -1,410 +0,0 @@ - - - - - - - Secure Socket Tunneling Protocol (SSTP) server - 901 - - - - - Authentication for remote access SSTP Server - - - - - Local user authentication for SSTP server - - - - - User name for authentication - - - - - Option to disable a SSTP Server user - - - - - - Password for authentication - - - - - Static client IP address - - - - - Upload/Download speed limits - - - - - Upload bandwidth limit in kbits/sec - - - - - - - - Download bandwidth limit in kbits/sec - - - - - - - - - - - - - - Authentication mode for SSTP Server - - local - Use local username/password configuration - - - radius - Use a RADIUS server to autenticate users - - - (local|radius) - - - local radius - - - - - - Authentication protocol for remote access peer SSTP VPN - - pap chap mschap mschap-v2 - - - pap - Authentication via PAP (Password Authentication Protocol) - - - chap - Authentication via CHAP (Challenge Handshake Authentication Protocol) - - - mschap - Authentication via MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) - - - mschap-v2 - Authentication via MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2) - - - (pap|chap|mschap|mschap-v2) - - - - - #include - - - - - - - Mark server unavailable for <n> seconds on failure - - 0-600 - Fail time penalty - - - - - Fail time must be between 0 and 600 seconds - - - - - - - Timeout in seconds to wait response from RADIUS server - - 1-60 - Timeout in seconds - - - - - Timeout must be between 1 and 60 seconds - - - - - Timeout for Interim-Update packets, terminate session afterwards (default 3 seconds) - - 0-60 - Timeout in seconds, 0 to keep active - - - - - Timeout must be between 0 and 60 seconds - - - - - Number of tries to send Access-Request/Accounting-Request queries - - 1-20 - Maximum tries - - - - - Maximum tries must be between 1 and 20 - - - - - NAS-Identifier attribute sent to RADIUS - - - - - NAS-IP-Address attribute sent to RADIUS - - - - - ipv4 - NAS-IP-Address attribute - - - - - - Dynamic Authorization Extension/Change of Authorization server - - - - - IP address for Dynamic Authorization Extension server (DM/CoA) - - - - - ipv4 - IPv4 address for aynamic authorization server - - - - - - Port for Dynamic Authorization Extension server (DM/CoA) - - number - TCP port - - - - - - - - - Shared secret for Dynamic Authorization Extension server - - - - - - - Upload/Download speed limits - - - - - Specifies RADIUS attribute containing rate information (default 'Filter-Id') - - - - - Specifies vendor dictionary (needs to be in /usr/share/accel-ppp/radius) - - - - - Enable RADIUS bandwidth shaping - - - - - - - - - - - - SSL Certificate, SSL Key and CA (/config/user-data/sstp) - - - - - Certificate Authority certificate - - file - File in /config/auth directory - - - - - - - - - Server Certificate - - - - - - - - - - - Privat Key of the Server Certificate - - file - File in /config/auth directory - - - - - - - - - - - Network settings - - - - - Client IP pools and gateway setting - - - - - Client IP subnet (CIDR notation) - - ipv4net - IPv4 address and prefix length - - - - - Not a valid CIDR formatted prefix - - - - - - Gateway IP address - - - - invalid IPv4 address - - ipv4 - Default Gateway send to the client - - - - - - - - DNS servers propagated to clients - - ipv4 - IPv4 address - - - - - - - - #include - - - - - PPP (Point-to-Point Protocol) settings - - - - - Specifies mppe negotiation preferences - - require prefer deny - - - (^require|prefer|deny) - - - require - send mppe request, if client rejects, drop the connection - - - prefer - send mppe request, if client rejects continue - - - deny - drop all mppe - - - - - - LCP echo-requests/sec - - - - - - - - Maximum number of Echo-Requests may be sent without valid reply - - - - - - - - Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used. - - - - - - - - - - - - diff --git a/interface-definitions/vpn_l2tp.xml.in b/interface-definitions/vpn_l2tp.xml.in new file mode 100644 index 000000000..d4286a810 --- /dev/null +++ b/interface-definitions/vpn_l2tp.xml.in @@ -0,0 +1,562 @@ + + + + + + + L2TP Virtual Private Network (VPN) + + + + + Remote access L2TP VPN + + + + + Maximum Transmission Unit (MTU) + + + + + + + + External IP address to which VPN clients will connect + + + + + + + + Gatway address uses as client tunnel termination point + + + + + + + + Domain Name Server (DNS) propagated to client + + ipv4 + Domain Name Server (DNS) IPv4 address + + + ipv6 + Domain Name Server (DNS) IPv6 address + + + + + + + + + + + L2TP Network Server (LNS) + + + + + Tunnel password used to authenticate the client (LAC) + + + + + + + Disable Compression Control Protocol (CCP) + + + + + + Internet Protocol Security (IPsec) for remote access L2TP VPN + + + + + IPsec authentication settings + + + + + Authentication mode for IPsec + + pre-shared-secret + Use pre-shared secret for IPsec authentication + + + x509 + Use X.509 certificate for IPsec authentication + + + (pre-shared-secret|x509) + + + pre-shared-secret x509 + + + + + + Pre-shared secret for IPsec + + + + + X.509 certificate + + + + + File containing the X.509 certificate for the Certificate Authority (CA) + + <text> + File in /config/auth + + + + + + File containing the X.509 Certificate Revocation List (CRL) + + <text> + File in /config/auth + + + + + + File containing the X.509 certificate for the remote access VPN server (this host) + + <text> + File in /config/auth + + + + + + File containing the private key for the X.509 certificate for the remote access VPN server (this host) + + <text> + File in /config/auth + + + + + + Password that protects the private key + + + + + + + + + IKE lifetime + + <30-86400> + IKE lifetime in seconds (default 3600) + + + + + + + + + ESP lifetime + + <30-86400> + IKE lifetime in seconds (default 3600) + + + + + + + + + + + Windows Internet Name Service (WINS) servers propagated to client + + ipv4 + Domain Name Server (DNS) IPv4 address + + + + + + + + + + Pool of client IP addresses (must be within a /24) + + + + + First IP address in the pool (will be used as gateway address) + + + + + + + + Last IP address in the pool + + + + + + + + Client IP subnet (CIDR notation) + + + + Not a valid CIDR formatted prefix + + ipv4net + IPv4 subnet address + + + + + + + + + Pool of client IPv6 addresses + + + + + Pool of addresses used to assign to clients + + ipv6net + IPv6 address and prefix length + + + + + + + + + Prefix length used for individual client + + <48-128> + Client prefix length (default: 64) + + + + + + + + + + + Subnet used to delegate prefix through DHCPv6-PD (RFC3633) + + ipv6net + IPv6 address and prefix length + + + + + + + + + Prefix length delegated to client + + <32-64> + Delegated prefix length + + + + + + + + + + + + + Description for L2TP remote-access settings + + + + + DHCP interface to listen on + + + + + PPP idle timeout + + <30-86400> + PPP idle timeout in seconds (default 1800) + + + + + + + + + Authentication for remote access L2TP VPN + + + + + Authentication protocol for remote access peer L2TP VPN + + pap + Require the peer to authenticate itself using PAP [Password Authentication Protocol]. + + + chap + Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. + + + mschap + Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. + + + mschap-v2 + Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2]. + + + (pap|chap|mschap|mschap-v2) + + + pap chap mschap mschap-v2 + + + + + + + Specifies mppe negotioation preference. (default require mppe 128-bit stateless + + deny + deny mppe + + + prefer + Ask client for mppe, if it rejects do not fail + + + require + ask client for mppe, if it rejects drop connection + + + (deny|prefer|require) + + + deny prefer require + + + + + + Authentication mode for remote access L2TP VPN + + local + Use local username/password configuration + + + radius + Use a RADIUS server to autenticate users + + + (local|radius) + + + local radius + + + + + + Local user authentication for remote access L2TP VPN + + + + + User name for authentication + + + + + Option to disable a L2TP Server user + + + + + + Password for authentication + + + + + Static client IP address + + + + + Upload/Download speed limits + + + + + Upload bandwidth limit in kbits/sec + + + + + + + + Download bandwidth limit in kbits/sec + + + + + + + + + + + + #include + + + + + + + Mark server unavailable for <n> seconds on failure + + 0-600 + Fail time penalty + + + + + Fail time must be between 0 and 600 seconds + + + + + + + Timeout to wait response from server (seconds) + + + + + Timeout to wait reply for Interim-Update packets. (default 3 seconds) + + + + + Maximum number of tries to send Access-Request/Accounting-Request queries + + + + + Value to send to RADIUS server in NAS-Identifier attribute and to be matched in DM/CoA requests. + + + + + IPv4 address and port to bind Dynamic Authorization Extension server (DM/CoA) + + + + + IP address for Dynamic Authorization Extension server (DM/CoA) + + + + + Port for Dynamic Authorization Extension server (DM/CoA) + + + + + Secret for Dynamic Authorization Extension server (DM/CoA) + + + + + + + Upload/Download speed limits + + + + + Specifies which radius attribute contains rate information. (default is Filter-Id) + + + + + Specifies the vendor dictionary. (dictionary needs to be in /usr/share/accel-ppp/radius) + + + + + Enables Bandwidth shaping via RADIUS + + + + + + + + + + + + Advanced protocol options + + + + + LCP echo-requests/sec + + + + + + + + Maximum number of Echo-Requests may be sent without valid reply + + + + + + + + + + + + + + diff --git a/interface-definitions/vpn_pptp.xml.in b/interface-definitions/vpn_pptp.xml.in new file mode 100644 index 000000000..5d8ead2aa --- /dev/null +++ b/interface-definitions/vpn_pptp.xml.in @@ -0,0 +1,254 @@ + + + + + + + Point to Point Tunneling Protocol (PPTP) Virtual Private Network (VPN) + + + + + Remote access PPTP VPN + + + + + Maximum Transmission Unit (MTU) + + + + + + + + External IP address to which VPN clients will connect + + + + + + + + IPv4 Domain Name Service (DNS) server + + + + + Primary DNS server + + ipv4 + IPv4 address + + + + + + + + + Secondary DNS server + + ipv4 + IPv4 address + + + + + + + + + + + Windows Internet Name Service (WINS) server settings + + + + + Primary WINS server + + + + + + + + Secondary WINS server + + + + + + + + + + Pool of client IP addresses (must be within a /24) + + + + + First IP address in the pool (will be used as gateway address) + + + + + + + + Last IP address in the pool + + + + + + + + + + Gatway address uses as client tunnel termination point + + + + + + + + Authentication for remote access PPTP VPN + + + + + Authentication protocol for remote access peer PPTP VPN + + pap + Require the peer to authenticate itself using PAP [Password Authentication Protocol]. + + + chap + Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. + + + mschap + Require the peer to authenticate itself using CHAP [Challenge Handshake Authentication Protocol]. + + + mschap-v2 + Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge Handshake Authentication Protocol, Version 2]. + + + + + + Specifies mppe negotioation preference. (default require mppe 128-bit stateless + + deny + deny mppe + + + prefer + ask client for mppe, if it rejects do not fail + + + require + ask client for mppe, if it rejects drop connection + + + (deny|prefer|require) + + + deny prefer require + + + + + + Authentication mode for remote access PPTP VPN + + local + Use local username/password configuration + + + radius + Use a RADIUS server to autenticate users + + + (local|radius) + + + local radius + + + + + + Local user authentication for remote access PPTP VPN + + + + + User name for authentication + + + + + Option to disable a PPTP Server user + + + + + Password for authentication + + + + + Static client IP address + + + + + + + + + RADIUS specific configuration + + + + + IP address of radius server + + ipv4 + IP address of RADIUS server + + + + + + Key for accessing the specified server + + + + + Maximum number of simultaneous requests to server (default: unlimited) + + + + + If server does not responds mark it as unavailable for this time (seconds) + + + + + + + + + + + + + + + diff --git a/interface-definitions/vpn_sstp.xml.in b/interface-definitions/vpn_sstp.xml.in new file mode 100644 index 000000000..b026417b3 --- /dev/null +++ b/interface-definitions/vpn_sstp.xml.in @@ -0,0 +1,410 @@ + + + + + + + Secure Socket Tunneling Protocol (SSTP) server + 901 + + + + + Authentication for remote access SSTP Server + + + + + Local user authentication for SSTP server + + + + + User name for authentication + + + + + Option to disable a SSTP Server user + + + + + + Password for authentication + + + + + Static client IP address + + + + + Upload/Download speed limits + + + + + Upload bandwidth limit in kbits/sec + + + + + + + + Download bandwidth limit in kbits/sec + + + + + + + + + + + + + + Authentication mode for SSTP Server + + local + Use local username/password configuration + + + radius + Use a RADIUS server to autenticate users + + + (local|radius) + + + local radius + + + + + + Authentication protocol for remote access peer SSTP VPN + + pap chap mschap mschap-v2 + + + pap + Authentication via PAP (Password Authentication Protocol) + + + chap + Authentication via CHAP (Challenge Handshake Authentication Protocol) + + + mschap + Authentication via MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) + + + mschap-v2 + Authentication via MS-CHAPv2 (Microsoft Challenge Handshake Authentication Protocol, version 2) + + + (pap|chap|mschap|mschap-v2) + + + + + #include + + + + + + + Mark server unavailable for <n> seconds on failure + + 0-600 + Fail time penalty + + + + + Fail time must be between 0 and 600 seconds + + + + + + + Timeout in seconds to wait response from RADIUS server + + 1-60 + Timeout in seconds + + + + + Timeout must be between 1 and 60 seconds + + + + + Timeout for Interim-Update packets, terminate session afterwards (default 3 seconds) + + 0-60 + Timeout in seconds, 0 to keep active + + + + + Timeout must be between 0 and 60 seconds + + + + + Number of tries to send Access-Request/Accounting-Request queries + + 1-20 + Maximum tries + + + + + Maximum tries must be between 1 and 20 + + + + + NAS-Identifier attribute sent to RADIUS + + + + + NAS-IP-Address attribute sent to RADIUS + + + + + ipv4 + NAS-IP-Address attribute + + + + + + Dynamic Authorization Extension/Change of Authorization server + + + + + IP address for Dynamic Authorization Extension server (DM/CoA) + + + + + ipv4 + IPv4 address for aynamic authorization server + + + + + + Port for Dynamic Authorization Extension server (DM/CoA) + + number + TCP port + + + + + + + + + Shared secret for Dynamic Authorization Extension server + + + + + + + Upload/Download speed limits + + + + + Specifies RADIUS attribute containing rate information (default 'Filter-Id') + + + + + Specifies vendor dictionary (needs to be in /usr/share/accel-ppp/radius) + + + + + Enable RADIUS bandwidth shaping + + + + + + + + + + + + SSL Certificate, SSL Key and CA (/config/user-data/sstp) + + + + + Certificate Authority certificate + + file + File in /config/auth directory + + + + + + + + + Server Certificate + + + + + + + + + + + Privat Key of the Server Certificate + + file + File in /config/auth directory + + + + + + + + + + + Network settings + + + + + Client IP pools and gateway setting + + + + + Client IP subnet (CIDR notation) + + ipv4net + IPv4 address and prefix length + + + + + Not a valid CIDR formatted prefix + + + + + + Gateway IP address + + + + invalid IPv4 address + + ipv4 + Default Gateway send to the client + + + + + + + + DNS servers propagated to clients + + ipv4 + IPv4 address + + + + + + + + #include + + + + + PPP (Point-to-Point Protocol) settings + + + + + Specifies mppe negotiation preferences + + require prefer deny + + + (^require|prefer|deny) + + + require + send mppe request, if client rejects, drop the connection + + + prefer + send mppe request, if client rejects continue + + + deny + drop all mppe + + + + + + LCP echo-requests/sec + + + + + + + + Maximum number of Echo-Requests may be sent without valid reply + + + + + + + + Timeout in seconds to wait for any peer activity. If this option specified it turns on adaptive lcp echo functionality and "lcp-echo-failure" is not used. + + + + + + + + + + + + -- cgit v1.2.3