Re: Optimal VPN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 30/11/10 15:49, Ben McGinnes wrote:
>> > That is there must be a specific IP address assigned to a user/password
>> > combination. pptp does not really do this but I wrote sort of a backend
>> > (or maybe frontend? ;-) ) to change the IP address assigned based on a
>> > login and password. It is extra stuff I would prefer not to do though.
>
> RADIUS can assign a specific IP to a given user, but let OpenVPN
> handle the encryption.

You don't even need RADIUS to provide specific IP addresses.  You can
either use --ifconfig-pool-persist or --client-config-dir.

--ifconfig-pool-persist will create a file with a kind of a database of
which IP addresses assigned to clients earlier, and will re-assign the
same IP address if found here.  That's the automatic way of doing it.
However, if you're running out of IP addresses from your initial address
pool, IP addresses will be reused.

--client-config-dir combined with --push "ifconfig <ipaddr> <netmask>"
in a client specific config file, will provide this feature consistently.

It's also possible to use other plug-ins or scripts to provide client
specific IP addresses and/or routes dynamically, based on who the client
is ... Which is what the RADIUS plug-in does.


kind regards,

David Sommerseth

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux