### generated by accel_l2tp.py ###
[modules]
log_syslog
l2tp
chap-secrets
{% for proto in authentication['auth_proto']: %}
{{proto}}
{% endfor%}
{% if authentication['mode'] == 'radius' %}
radius
{% endif -%}
ippool
shaper
ipv6pool
ipv6_nd
ipv6_dhcp

[core]
thread-count={{thread_cnt}}

[log]
syslog=accel-l2tp,daemon
copy=1
level=5

{% if dns %}
[dns]
{% if dns[0] %}
dns1={{dns[0]}}
{% endif %}
{% if dns[1] %}
dns2={{dns[1]}}
{% endif %}
{% endif -%}

{% if dnsv6 %}
[ipv6-dns]
{% for srv in dnsv6: %}
{{srv}}
{% endfor %}
{% endif %}

{% if wins %}
[wins]
{% if wins[0] %}
wins1={{wins[0]}}
{% endif %}
{% if wins[1] %}
wins2={{wins[1]}}
{% endif %}
{% endif -%}

[l2tp]
verbose=1
ifname=l2tp%d
ppp-max-mtu={{mtu}}
mppe={{authentication['mppe']}}
{% if outside_addr %}
bind={{outside_addr}}
{% endif %}
{% if lns_shared_secret %}
secret={{lns_shared_secret}}
{% endif %}

[client-ip-range]
0.0.0.0/0

{% if (client_ip_pool) or (client_ip_subnets) %}
[ip-pool]
{% if client_ip_pool %}
{{client_ip_pool}}
{% endif -%}
{% if client_ip_subnets %}
{% for sn in client_ip_subnets %}
{{sn}}
{% endfor -%}
{% endif %}
{% endif %}
{% if gateway_address %}
gw-ip-address={{gateway_address}}
{% endif %}

{% if authentication['mode'] == 'local' %}
[chap-secrets]
chap-secrets=/etc/accel-ppp/l2tp/chap-secrets
{% if gateway_address %}
gw-ip-address={{gateway_address}}
{% endif %}
{% endif %}

[ppp]
verbose=1
check-ip=1
single-session=replace
{% if idle_timeout %}
lcp-echo-timeout={{idle_timeout}}
{% endif %}
{% if ppp_options['lcp-echo-interval'] %}
lcp-echo-interval={{ppp_options['lcp-echo-interval']}}
{% else %}
lcp-echo-interval=30
{% endif %}
{% if ppp_options['lcp-echo-failure'] %}
lcp-echo-failure={{ppp_options['lcp-echo-failure']}}
{% else %}
lcp-echo-failure=3
{% endif %}
{% if ccp_disable %}
ccp=0
{% endif %}
{% if client_ipv6_pool %}
ipv6=allow
{% endif %}

{% if authentication['mode'] == 'radius' %}
[radius]
{% for rsrv in authentication['radiussrv']: %}
server={{rsrv}},{{authentication['radiussrv'][rsrv]['secret']}},\
req-limit={{authentication['radiussrv'][rsrv]['req-limit']}},\
fail-time={{authentication['radiussrv'][rsrv]['fail-time']}}
{% endfor %}
{% if authentication['radiusopt']['timeout'] %}
timeout={{authentication['radiusopt']['timeout']}}
{% endif %}
{% if authentication['radiusopt']['acct-timeout'] %}
acct-timeout={{authentication['radiusopt']['acct-timeout']}}
{% endif %}
{% if authentication['radiusopt']['max-try'] %}
max-try={{authentication['radiusopt']['max-try']}}
{% endif %}
{% if authentication['radiusopt']['nas-id'] %}
nas-identifier={{authentication['radiusopt']['nas-id']}}
{% endif %}
{% if authentication['radius_source_address'] %}
nas-ip-address={{authentication['radius_source_address']}}
{% endif -%}
{% if authentication['radiusopt']['dae-srv'] %}
dae-server={{authentication['radiusopt']['dae-srv']['ip-addr']}}:\
{{authentication['radiusopt']['dae-srv']['port']}},\
{{authentication['radiusopt']['dae-srv']['secret']}}
{% endif -%}
gw-ip-address={{gateway_address}}
verbose=1
{% endif -%}

{% if client_ipv6_pool %}
[ipv6-pool]
{% for prfx in client_ipv6_pool.prefix: %}
{{prfx}}
{% endfor %}
{% for prfx in client_ipv6_pool.delegate_prefix: %}
delegate={{prfx}}
{% endfor %}
{% endif %}

{% if client_ipv6_pool['delegate_prefix'] %}
[ipv6-dhcp]
verbose=1
{% endif %}

{% if authentication['radiusopt']['shaper'] %}
[shaper]
verbose=1
attr={{authentication['radiusopt']['shaper']['attr']}}
{% if authentication['radiusopt']['shaper']['vendor'] %}
vendor={{authentication['radiusopt']['shaper']['vendor']}}
{% endif -%}
{% endif %}

[cli]
tcp=127.0.0.1:2004
sessions-columns=ifname,username,calling-sid,ip,{{ip6_column}}{{ip6_dp_column}}rate-limit,type,comp,state,rx-bytes,tx-bytes,uptime