On 30/11/10 15:49, Ben McGinnes wrote: >> > That is there must be a specific IP address assigned to a user/password >> > combination. pptp does not really do this but I wrote sort of a backend >> > (or maybe frontend? ;-) ) to change the IP address assigned based on a >> > login and password. It is extra stuff I would prefer not to do though. > > RADIUS can assign a specific IP to a given user, but let OpenVPN > handle the encryption. You don't even need RADIUS to provide specific IP addresses. You can either use --ifconfig-pool-persist or --client-config-dir. --ifconfig-pool-persist will create a file with a kind of a database of which IP addresses assigned to clients earlier, and will re-assign the same IP address if found here. That's the automatic way of doing it. However, if you're running out of IP addresses from your initial address pool, IP addresses will be reused. --client-config-dir combined with --push "ifconfig <ipaddr> <netmask>" in a client specific config file, will provide this feature consistently. It's also possible to use other plug-ins or scripts to provide client specific IP addresses and/or routes dynamically, based on who the client is ... Which is what the RADIUS plug-in does. kind regards, David Sommerseth _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos