blob: d38e53f158bfdf7e05b799fa35c983bbf98d9dd8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
### Autogenerated by interfaces_sstpc.py ###
{{ '# ' ~ description if description is vyos_defined else '' }}
# Require peer to provide the local IP address if it is not
# specified explicitly in the config file.
noipdefault
# Don't show the password in logfiles:
hide-password
remotename {{ ifname }}
linkname {{ ifname }}
ipparam {{ ifname }}
ifname {{ ifname }}
pty "sstpc --ipparam {{ ifname }} --nolaunchpppd {{ server }}:{{ port }} --ca-cert {{ ca_file_path }}"
# Override any connect script that may have been set in /etc/ppp/options.
connect /bin/true
# We don't need the server to auth itself
noauth
# We won't want EAP
refuse-eap
# Don't try to proxy ARP for the remote endpoint. User can set proxy
# arp entries up manually if they wish. More importantly, having
# the "proxyarp" parameter set disables the "defaultroute" option.
noproxyarp
# Unlimited connection attempts
maxfail 0
plugin sstp-pppd-plugin.so
sstp-sock /var/run/sstpc/sstpc-{{ ifname }}
persist
debug
# pppd should create a UUCP-style lock file for the serial device to ensure
# exclusive access to the device. By default, pppd will not create a lock file.
lock
# Disables Deflate compression
nodeflate
{% if authentication is vyos_defined %}
{{ 'user "' + authentication.username + '"' if authentication.username is vyos_defined }}
{{ 'password "' + authentication.password + '"' if authentication.password is vyos_defined }}
{% endif %}
{{ "usepeerdns" if no_peer_dns is not vyos_defined }}
|
