summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2007-05-04 16:48:32 +0000
committerScott Ullrich <sullrich@pfsense.org>2007-05-04 16:48:32 +0000
commitc8c416db7e2fbba3ecb08bbcce6e0ff4616ab0b7 (patch)
treeac48eb36f89899d95c26547c403a1061cc027150
parent447c8e03a1c0dc149fb29fdcd12913f595118590 (diff)
downloadpfsense-c8c416db7e2fbba3ecb08bbcce6e0ff4616ab0b7.zip
pfsense-c8c416db7e2fbba3ecb08bbcce6e0ff4616ab0b7.tar.gz
further changes to 1.3 for pppoe server and pptp server. added to gui add radius acct and auth ports add acct update in seconds option for external radius servers add backup radius server changes rearranges xml for better use moved radius specific features inside tags added options for additional server above 2 miner bug fixes Ticket #1306
-rw-r--r--etc/inc/vpn.inc54
-rwxr-xr-xusr/local/www/vpn_pppoe.php172
-rwxr-xr-xusr/local/www/vpn_pptp.php188
3 files changed, 257 insertions, 157 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 2c8555d..6104319 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -678,10 +678,17 @@ EOD;
EOD;
}
- if (isset($pptpdcfg["wins"]))
- $mpdconf .= " set ipcp nbns {$pptpdcfg['wins']}\n";
- if (is_array($pptpdcfg['dnsserver']) && ($pptpdcfg['dnsserver'][0])) {
- $mpdconf .= " set ipcp dns " . join(" ", $pptpdcfg['dnsserver']) . "\n";
+ if (isset($pptpdcfg['wins'])) {
+ $mpdconf .= <<<EOD
+ set ipcp nbns {$pptpdcfg['wins']}
+
+EOD;
+ }
+ if (isset($pptpdcfg['dns1'])) {
+ $mpdconf .= <<<EOD
+ set ipcp dns {$pptpdcfg['dns1']} {$pptpdcfg['dns2']}
+
+EOD;
} else if (isset($config['dnsmasq']['enable'])) {
$mpdconf .= " set ipcp dns " . $config['interfaces']['lan']['ipaddr'];
if ($syscfg['dnsserver'][0])
@@ -691,29 +698,29 @@ EOD;
$mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
}
- if (isset($pptpdcfg['radius']['enable'])) {
+ if (isset($pptpdcfg['radius']['server']['enable'])) {
$mpdconf .= <<<EOD
load radius
radius:
set radius retries 3
set radius timeout 3
- set radius me {$pptpdcfg['radius_nasip']}
+ set radius me {$pptpdcfg['radius']['nasip']}
set auth enable radius-auth
set radius enable message-authentic
EOD;
- if (isset($pptpdcfg['radius']['secenable'])) {
+ if (isset($pptpdcfg['radius']['server2']['enable'])) {
$mpdconf .= <<<EOD
- set radius server {$pptpdcfg['radius']['server2']} "{$pptpdcfg['radius']['secret2']}" 1812 1813
+ set radius server {$pptpdcfg['radius']['server2']['ip']} "{$pptpdcfg['radius']['server2']['secret']}" {$pptpdcfg['radius']['server2']['port']} {$pptpdcfg['radius']['server2']['acctport']}
EOD;
}
- if (isset($pptpdcfg['radius']['enable'])) {
+ if (isset($pptpdcfg['radius']['server']['enable'])) {
$mpdconf .= <<<EOD
- set radius server {$pptpdcfg['radius']['server']} "{$pptpdcfg['radius']['secret']}" 1812 1813
+ set radius server {$pptpdcfg['radius']['server']['ip']} "{$pptpdcfg['radius']['server']['secret']}" {$pptpdcfg['radius']['server']['port']} {$pptpdcfg['radius']['server']['acctport']}
EOD;
}
@@ -721,7 +728,7 @@ EOD;
if (isset($pptpdcfg['radius']['accounting'])) {
$mpdconf .= <<<EOD
set auth enable radius-acct
- set auth acct-update {$pptpdcfg['radius_acct_update']}
+ set auth acct-update {$pptpdcfg['radius']['acct_update']}
EOD;
}
} else {
@@ -868,7 +875,9 @@ function vpn_pppoe_configure() {
/* wait for process to die */
sleep(2);
-
+ unlink_if_exists("{$g['varetc_path']}/mpd-pppoe/mpd.conf");
+ unlink_if_exists("{$g['varetc_path']}/mpd-pppoe/mpd.links");
+ unlink_if_exists("{$g['varetc_path']}/mpd-pppoe/mpd.secret");
}
/* make sure mpd-vpn directory exists */
@@ -949,8 +958,13 @@ pppoe_standart:
set ipcp no vjcomp
EOD;
+ if (isset($pppoecfg['dns1'])) {
+ $mpdconf .= <<<EOD
+ set ipcp dns {$pppoecfg['dns1']} {$pppoecfg['dns2']}
+
+EOD;
- if (isset($config['dnsmasq']['enable'])) {
+ } else if (isset($config['dnsmasq']['enable'])) {
$mpdconf .= " set ipcp dns " . $config['interfaces']['lan']['ipaddr'];
if ($syscfg['dnsserver'][0])
$mpdconf .= " " . $syscfg['dnsserver'][0];
@@ -959,28 +973,28 @@ EOD;
$mpdconf .= " set ipcp dns " . join(" ", $syscfg['dnsserver']) . "\n";
}
- if (isset($pppoecfg['radius']['enable'])) {
+ if (isset($pppoecfg['radius']['server']['enable'])) {
$mpdconf .= <<<EOD
load radius
radius:
set radius retries 3
set radius timeout 3
- set radius me {$pppoecfg['radius_nasip']}
+ set radius me {$pppoecfg['radius']['nasip']}
set auth enable radius-auth
set radius enable message-authentic
EOD;
- if (isset($pppoecfg['radius']['secenable'])) {
+ if (isset($pppoecfg['radius']['server2']['enable'])) {
$mpdconf .= <<<EOD
- set radius server {$pppoecfg['radius']['server2']} "{$pppoecfg['radius']['secret2']}" 1812 1813
+ set radius server {$pppoecfg['radius']['server2']['ip']} "{$pppoecfg['radius']['server2']['secret']}" {$pppoecfg['radius']['server2']['port']} {$pppoecfg['radius']['server2']['acctport']}
EOD;
}
- if (isset($pppoecfg['radius']['enable'])) {
+ if (isset($pppoecfg['radius']['server']['enable'])) {
$mpdconf .= <<<EOD
- set radius server {$pppoecfg['radius']['server']} "{$pppoecfg['radius']['secret']}" 1812 1813
+ set radius server {$pppoecfg['radius']['server']['ip']} "{$pppoecfg['radius']['server']['secret']}" {$pppoecfg['radius']['server']['port']} {$pppoecfg['radius']['server']['acctport']}
EOD;
}
@@ -988,7 +1002,7 @@ EOD;
if (isset($pppoecfg['radius']['accounting'])) {
$mpdconf .= <<<EOD
set auth enable radius-acct
- set auth acct-update {$pppoecfg['radius_acct_update']}
+ set auth acct-update {$pppoecfg['radius']['acct_update']}
EOD;
}
} else {
diff --git a/usr/local/www/vpn_pppoe.php b/usr/local/www/vpn_pppoe.php
index fa6252d..7d941c0 100755
--- a/usr/local/www/vpn_pppoe.php
+++ b/usr/local/www/vpn_pppoe.php
@@ -39,17 +39,26 @@ $pconfig['remoteip'] = $pppoecfg['remoteip'];
$pconfig['localip'] = $pppoecfg['localip'];
$pconfig['mode'] = $pppoecfg['mode'];
$pconfig['interface'] = $pppoecfg['interface'];
-$pconfig['radiusenable'] = isset($pppoecfg['radius']['enable']);
-$pconfig['radacct_enable'] = isset($pppoecfg['radius']['accounting']);
-$pconfig['radiusserver'] = $pppoecfg['radius']['server'];
-$pconfig['radiussecret'] = $pppoecfg['radius']['secret'];
-$pconfig['radiusserver2'] = $pppoecfg['radius']['server2'];
-$pconfig['radiussecret2'] = $pppoecfg['radius']['secret2'];
-$pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']);
$pconfig['n_pppoe_units'] = $pppoecfg['n_pppoe_units'];
$pconfig['pppoe_subnet'] = $pppoecfg['pppoe_subnet'];
-$pconfig['radius_nasip'] = $pppoecfg['radius_nasip'];
-$pconfig['radius_acct_update'] = $pppoecfg['radius_acct_update'];
+$pconfig['pppoe_dns1'] = $pppoecfg['dns1'];
+$pconfig['pppoe_dns2'] = $pppoecfg['dns2'];
+$pconfig['radacct_enable'] = isset($pppoecfg['radius']['accounting']);
+$pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']);
+$pconfig['radiusenable'] = isset($pppoecfg['radius']['server']['enable']);
+$pconfig['radiusserver'] = $pppoecfg['radius']['server']['ip'];
+$pconfig['radiusserverport'] = $pppoecfg['radius']['server']['port'];
+$pconfig['radiusserveracctport'] = $pppoecfg['radius']['server']['acctport'];
+$pconfig['radiussecret'] = $pppoecfg['radius']['server']['secret'];
+$pconfig['radiussecenable'] = isset($pppoecfg['radius']['server2']['enable']);
+$pconfig['radiusserver2'] = $pppoecfg['radius']['server2']['ip'];
+$pconfig['radiusserver2port'] = $pppoecfg['radius']['server2']['port'];
+$pconfig['radiusserver2acctport'] = $pppoecfg['radius']['server2']['acctport'];
+$pconfig['radiussecret2'] = $pppoecfg['radius']['server2']['secret2'];
+$pconfig['radiusissueips'] = isset($pppoecfg['radius']['radiusissueips']);
+$pconfig['radius_nasip'] = $pppoecfg['radius']['nasip'];
+$pconfig['radius_acct_update'] = $pppoecfg['radius']['acct_update'];
+
if ($_POST) {
@@ -111,22 +120,36 @@ if ($_POST) {
$pppoecfg['interface'] = $_POST['interface'];
$pppoecfg['n_pppoe_units'] = $_POST['n_pppoe_units'];
$pppoecfg['pppoe_subnet'] = $_POST['pppoe_subnet'];
- $pppoecfg['radius']['server'] = $_POST['radiusserver'];
- $pppoecfg['radius']['secret'] = $_POST['radiussecret'];
- $pppoecfg['radius']['server2'] = $_POST['radiusserver2'];
- $pppoecfg['radius']['secret2'] = $_POST['radiussecret2'];
- $pppoecfg['radius_nasip'] = $_POST['radius_nasip'];
- $pppoecfg['radius_acct_update'] = $_POST['radius_acct_update'];
+ $pppoecfg['radius']['server']['ip'] = $_POST['radiusserver'];
+ $pppoecfg['radius']['server']['secret'] = $_POST['radiussecret'];
+ $pppoecfg['radius']['server']['port'] = $_POST['radiusserverport'];
+ $pppoecfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
+ $pppoecfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
+ $pppoecfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
+ $pppoecfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
+ $pppoecfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
+ $pppoecfg['radius']['nasip'] = $_POST['radius_nasip'];
+ $pppoecfg['radius']['acct_update'] = $_POST['radius_acct_update'];
+
+ if ($_POST['pppoe_dns1'] == "")
+ unset($pppoecfg['dns1']);
+ else
+ $pppoecfg['dns1'] = $_POST['pppoe_dns1'];
+
+ if ($_POST['pppoe_dns2'] == "")
+ unset($pppoecfg['dns2']);
+ else
+ $pppoecfg['dns2'] = $_POST['pppoe_dns2'];
if($_POST['radiusenable'] == "yes")
- $pppoecfg['radius']['enable'] = true;
+ $pppoecfg['radius']['server']['enable'] = true;
else
- unset($pppoecfg['radius']['enable']);
+ unset($pppoecfg['radius']['server']['enable']);
- if($_POST['radiussecondnas'] == "yes")
- $pppoecfg['radius']['secenable'] = true;
+ if($_POST['radiussecenable'] == "yes")
+ $pppoecfg['radius']['server2']['enable'] = true;
else
- unset($pppoecfg['radius']['secenable']);
+ unset($pppoecfg['radius']['server2']['enable']);
if($_POST['radacct_enable'] == "yes")
$pppoecfg['radius']['accounting'] = true;
@@ -174,34 +197,45 @@ function enable_change(enable_over) {
document.iform.remoteip.disabled = 0;
document.iform.localip.disabled = 0;
document.iform.radiusenable.disabled = 0;
- document.iform.radiusissueips.disabled = 0;
document.iform.interface.disabled = 0;
document.iform.n_pppoe_units.disabled = 0;
document.iform.pppoe_subnet.disabled = 0;
+ document.iform.pppoe_dns1.disabled = 0;
+ document.iform.pppoe_dns2.disabled = 0;
if (document.iform.radiusenable.checked || enable_over) {
document.iform.radacct_enable.disabled = 0;
document.iform.radiusserver.disabled = 0;
document.iform.radiussecret.disabled = 0;
+ document.iform.radiusserverport.disabled = 0;
+ document.iform.radiusserveracctport.disabled = 0;
document.iform.radiusissueips.disabled = 0;
document.iform.radius_nasip.disabled = 0;
- if (document.iform.radiussecondnas.checked || enable_over) {
- document.iform.radiusserver2.disabled = 0;
- document.iform.radiussecret2.disabled = 0;
document.iform.radiusissueips.disabled = 0;
document.iform.radius_nasip.disabled = 0;
document.iform.radius_acct_update = 0;
+ document.iform.radiussecenable.disabled = 0;
+ if (document.iform.radiussecenable.checked || enable_over) {
+ document.iform.radiusserver2.disabled = 0;
+ document.iform.radiussecret2.disabled = 0;
+ document.iform.radiusserver2port.disabled = 0;
+ document.iform.radiusserver2acctport.disabled = 0;
} else {
document.iform.radiusserver2.disabled = 1;
document.iform.radiussecret2.disabled = 1;
+ document.iform.radiusserver2port.disabled = 1;
+ document.iform.radiusserver2acctport.disabled = 1;
}
} else {
document.iform.radacct_enable.disabled = 1;
document.iform.radiusserver.disabled = 1;
document.iform.radiussecret.disabled = 1;
+ document.iform.radiusserverport.disabled = 1;
+ document.iform.radiusserveracctport.disabled = 1;
document.iform.radiusissueips.disabled = 1;
document.iform.radius_nasip.disabled = 1;
document.iform.radius_acct_update = 1;
+ document.iform.radiussecenable.disabled = 1;
}
} else {
document.iform.interface.disabled = 1;
@@ -209,12 +243,19 @@ function enable_change(enable_over) {
document.iform.pppoe_subnet.disabled = 1;
document.iform.remoteip.disabled = 1;
document.iform.localip.disabled = 1;
+ document.iform.pppoe_dns1.disabled = 1;
+ document.iform.pppoe_dns2.disabled = 1;
document.iform.radiusenable.disabled = 1;
+ document.iform.radiussecenable.disabled = 1;
document.iform.radacct_enable.disabled = 1;
document.iform.radiusserver.disabled = 1;
document.iform.radiussecret.disabled = 1;
+ document.iform.radiusserverport.disabled = 1;
+ document.iform.radiusserveracctport.disabled = 1;
document.iform.radiusserver2.disabled = 1;
document.iform.radiussecret2.disabled = 1;
+ document.iform.radiusserver2port.disabled = 1;
+ document.iform.radiusserver2acctport.disabled = 1;
document.iform.radiusissueips.disabled = 1;
document.iform.radius_nasip.disabled = 1;
document.iform.radius_acct_update = 1;
@@ -323,7 +364,16 @@ function enable_change(enable_over) {
Specify the starting address for the client IP address subnet.<br>
</td>
</tr>
-
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">DNS servers</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="pppoe_dns1" type="text" class="formfld" id="pppoe_dns1" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns1']);?>">
+ <br>
+ <input name="pppoe_dns2" type="text" class="formfld" id="pppoe_dns2" size="20" value="<?=htmlspecialchars($pconfig['pppoe_dns2']);?>">
+ <br>
+ If entered they will be given to all pppoe clients else lan dns and one wan dns will go to all clients<br>
+ </td>
+ </tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS</td>
<td width="78%" class="vtable">
@@ -335,36 +385,56 @@ function enable_change(enable_over) {
<br>
<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>
<strong>Enable RADIUS accounting <br>
- </strong>Sends accounting packets to the RADIUS server.</td>
+ <br>
+ </strong>Sends accounting packets to the RADIUS server.<br>
+ <input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>>
+ <strong>Use Backup Radius Server</strong><br>
+ When set, if primary server fails all requests will be sent via backup server</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">NAS IP ADDRESS</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="radius_nasip" type="text" class="formfld" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>">
+ <br>radius server NAS ip Address<br>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Radius Accounting Update</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="radius_acct_update" type="text" class="formfld" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>">
+ <br>Radius accounting update period in seconds
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">RADIUS issued IP's</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>>
+ <br>Issue IP Addresses via RADIUS server.</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS server Primary</td>
<td width="78%" class="vtable">
<input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">
- <br>
- Enter the IP address of the RADIUS server.</td>
+ <input name="radiusserverport" type="text" class="formfld" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>">
+ <input name="radiusserveracctport" type="text" class="formfld" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>">
+ <br>Enter the IP address and portof the RADIUS server. Format ip auth_port acct_port<br>
+ <br> standard port 1812 and 1813 accounting</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS primary shared secret</td>
<td width="78%" valign="top" class="vtable">
<input name="radiussecret" type="password" class="formfld" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">
- <br>
- Enter the shared secret that will be used to authenticate
+ <br>Enter the shared secret that will be used to authenticate
to the RADIUS server.</td>
</tr>
- <td width="78%" class="vtable">
- <input name="radiussecondnas" type="checkbox" id="radiussecondnas" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecondnas']) echo "checked"; ?>>
- <strong>Use Backup Radius Server<br>
- </strong>When set, all users will be authenticated using
- the RADIUS server specified below. The local user database
- will not be used.</td>
- </tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS server Secondary</td>
<td width="78%" class="vtable">
<input name="radiusserver2" type="text" class="formfld" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>">
- <br>
- Enter the IP address of the RADIUS server.</td>
+ <input name="radiusserver2port" type="text" class="formfld" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>">
+ <input name="radiusserver2acctport" type="text" class="formfld" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>">
+ <br>Enter the IP address and port of the BACKUP RADIUS server. Format ip auth_port acct_port<br>
+ <br> standard port 1812 and 1813 accounting</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS secondary shared secret</td>
@@ -375,29 +445,6 @@ function enable_change(enable_over) {
to the RADIUS server.</td>
</tr>
<tr>
- <td width="22%" valign="top" class="vncellreq">NAS IP ADDRESS</td>
- <td width="78%" class="vtable">
- <?=$mandfldhtml;?><input name="radius_nasip" type="text" class="formfld" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>">
- <br>
- radius server NAS ip Address<br>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncellreq">Radius Accounting Update</td>
- <td width="78%" class="vtable">
- <?=$mandfldhtml;?><input name="radius_acct_update" type="text" class="formfld" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>">
- <br>Radius accounting update period in seconds<br>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">RADIUS issued IP's</td>
- <td width="78%" valign="top" class="vtable">
- <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>>
- <br>Issue IP Addresses via RADIUS server.
-
- </td>
- </tr>
- <tr>
<td height="16" colspan="2" valign="top"></td>
</tr>
<tr>
@@ -426,4 +473,3 @@ enable_change(false);
<?php include("fend.inc"); ?>
</body>
</html>
-
diff --git a/usr/local/www/vpn_pptp.php b/usr/local/www/vpn_pptp.php
index fe5f230..ae54418 100755
--- a/usr/local/www/vpn_pptp.php
+++ b/usr/local/www/vpn_pptp.php
@@ -41,18 +41,24 @@ $pconfig['redir'] = $pptpcfg['redir'];
$pconfig['mode'] = $pptpcfg['mode'];
$pconfig['wins'] = $pptpcfg['wins'];
$pconfig['req128'] = isset($pptpcfg['req128']);
-$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);
-$pconfig['radiusissueips'] = isset($pptpdcfg['radius']['radiusissueips']);
-$pconfig['radiussecenable'] = isset($pptpcfg['radius']['secenable']);
-$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
-$pconfig['radiusserver'] = $pptpcfg['radius']['server'];
-$pconfig['radiussecret'] = $pptpcfg['radius']['secret'];
-$pconfig['radiusserver2'] = $pptpcfg['radius']['server2'];
-$pconfig['radiussecret2'] = $pptpcfg['radius']['secret2'];
$pconfig['n_pptp_units'] = $pptpcfg['n_pptp_units'];
$pconfig['pptp_subnet'] = $pptpcfg['pptp_subnet'];
-$pconfig['radius_acct_update'] = $pptpcfg['radius_acct_update'];
-$pconfig['radius_nasip'] = $pptpcfg['radius_nasip'];
+$pconfig['pptp_dns1'] = $pptpcfg['dns1'];
+$pconfig['pptp_dns2'] = $pptpcfg['dns2'];
+$pconfig['radiusenable'] = isset($pptpcfg['radius']['enable']);
+$pconfig['radiusissueips'] = isset($pptpcfg['radius']['radiusissueips']);
+$pconfig['radiussecenable'] = isset($pptpcfg['radius']['server2']['enable']);
+$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
+$pconfig['radiusserver'] = $pptpcfg['radius']['server']['ip'];
+$pconfig['radiusserverport'] = $pptpcfg['radius']['server']['port'];
+$pconfig['radiusserveracctport'] = $pptpcfg['radius']['server']['acctport'];
+$pconfig['radiussecret'] = $pptpcfg['radius']['server']['secret'];
+$pconfig['radiusserver2'] = $pptpcfg['radius']['server2']['ip'];
+$pconfig['radiusserver2port'] = $pptpcfg['radius']['server2']['port'];
+$pconfig['radiusserver2acctport'] = $pptpcfg['radius']['server2']['acctport'];
+$pconfig['radiussecret2'] = $pptpcfg['radius']['server2']['secret2'];
+$pconfig['radius_acct_update'] = $pptpcfg['radius']['acct_update'];
+$pconfig['radius_nasip'] = $pptpcfg['radius']['nasip'];
if ($_POST) {
@@ -120,17 +126,31 @@ if ($_POST) {
if (!$input_errors) {
$pptpcfg['remoteip'] = $_POST['remoteip'];
$pptpcfg['redir'] = $_POST['redir'];
- $pptp['localip'] = $_POST['localip'];
+ $pptpcfg['localip'] = $_POST['localip'];
$pptpcfg['mode'] = $_POST['mode'];
$pptpcfg['wins'] = $_POST['wins'];
$pptpcfg['n_pptp_units'] = $_POST['n_pptp_units'];
$pptpcfg['pptp_subnet'] = $_POST['pptp_subnet'];
- $pptpcfg['radius']['server'] = $_POST['radiusserver'];
- $pptpcfg['radius']['secret'] = $_POST['radiussecret'];
- $pptpcfg['radius']['server2'] = $_POST['radiusserver2'];
- $pptpcfg['radius']['secret2'] = $_POST['radiussecret2'];
- $pptpcfg['radius_nasip'] = $_POST['radius_nasip'];
- $pptpcfg['radius_acct_update'] = $_POST['radius_acct_update'];
+ $pptpcfg['radius']['server']['ip'] = $_POST['radiusserver'];
+ $pptpcfg['radius']['server']['port'] = $_POST['radiusserverport'];
+ $pptpcfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
+ $pptpcfg['radius']['server']['secret'] = $_POST['radiussecret'];
+ $pptpcfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
+ $pptpcfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
+ $pptpcfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
+ $pptpcfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
+ $pptpcfg['radius']['nasip'] = $_POST['radius_nasip'];
+ $pptpcfg['radius']['acct_update'] = $_POST['radius_acct_update'];
+
+ if ($_POST['pptp_dns1'] == "")
+ unset($pptpcfg['dns1']);
+ else
+ $pptpcfg['dns1'] = $_POST['pptp_dns1'];
+
+ if ($_POST['pptp_dns2'] == "")
+ unset($pptpcfg['dns2']);
+ else
+ $pptpcfg['dns2'] = $_POST['pptp_dns2'];
if($_POST['req128'] == "yes")
$pptpcfg['req128'] = true;
@@ -138,14 +158,14 @@ if ($_POST) {
unset($pptpcfg['req128']);
if($_POST['radiusenable'] == "yes")
- $pptpcfg['radius']['enable'] = true;
+ $pptpcfg['radius']['server']['enable'] = true;
else
- unset($pptpcfg['radius']['enable']);
+ unset($pptpcfg['radius']['server']['enable']);
if($_POST['radiussecenable'] == "yes")
- $pptpcfg['radius']['secenable'] = true;
+ $pptpcfg['radius']['server']['enable'] = true;
else
- unset($pptpcfg['radius']['secenable']);
+ unset($pptpcfg['radius']['server2']['enable']);
if($_POST['radacct_enable'] == "yes")
$pptpcfg['radius']['accounting'] = true;
@@ -199,46 +219,62 @@ function enable_change(enable_over) {
document.iform.wins.disabled = 0;
document.iform.n_pptp_units.disabled = 0;
document.iform.pptp_subnet.disabled = 0;
+ document.iform.pptp_dns1.disabled = 0;
+ document.iform.pptp_dns2.disabled = 0;
if (document.iform.radiusenable.checked || enable_over) {
document.iform.radiussecenable.disabled = 0;
document.iform.radacct_enable.disabled = 0;
document.iform.radiusserver.disabled = 0;
+ document.iform.radiusserverport.disabled = 0;
+ document.iform.radiusserveracctport.disabled = 0;
document.iform.radiussecret.disabled = 0;
document.iform.radius_nasip.disabled = 0;
document.iform.radius_acct_update.disabled = 0;
document.iform.radiusissueips.disabled = 0;
+ if (document.iform.radiussecenable.checked || enable_over) {
+ document.iform.radiusserver2.disabled = 0;
+ document.iform.radiussecret2.disabled = 0;
+ document.iform.radiusserver2port.disabled = 0;
+ document.iform.radiusserver2acctport.disabled = 0;
+ } else {
+
+ document.iform.radiusserver2.disabled = 1;
+ document.iform.radiussecret2.disabled = 1;
+ document.iform.radiusserver2port.disabled = 1;
+ document.iform.radiusserver2acctport.disabled = 1;
+ }
} else {
document.iform.radacct_enable.disabled = 1;
document.iform.radiusserver.disabled = 1;
+ document.iform.radiusserverport.disabled = 1;
+ document.iform.radiusserveracctport.disabled = 1;
document.iform.radiussecret.disabled = 1;
document.iform.radius_nasip.disabled = 1;
document.iform.radius_acct_update.disabled = 1;
document.iform.radiusissueips.disabled = 1;
}
- if (document.iform.radiussecenable.checked || enable_over) {
- document.iform.radiusserver2.disabled = 0;
- document.iform.radiussecret2.disabled = 0;
- } else {
-
- document.iform.radiusserver2.disabled = 1;
- document.iform.radiussecret2.disabled = 1;
- }
} else {
document.iform.remoteip.disabled = 1;
document.iform.localip.disabled = 1;
document.iform.req128.disabled = 1;
document.iform.n_pptp_units.disabled = 1;
document.iform.pptp_subnet.disabled = 1;
+ document.iform.pptp_dns1.disabled = 1;
+ document.iform.pptp_dns2.disabled = 1;
document.iform.radiusenable.disabled = 1;
document.iform.radacct_enable.disabled = 1;
document.iform.radiusserver.disabled = 1;
+ document.iform.radiusserverport.disabled = 1;
+ document.iform.radiusserveracctport.disabled = 1;
document.iform.radiussecret.disabled = 1;
document.iform.radius_nasip.disabled = 1;
document.iform.radius_acct_update.disabled = 1;
document.iform.radiussecenable.disabled = 1;
document.iform.radiusserver2.disabled = 1;
+ document.iform.radiusserver2port.disabled = 1;
+ document.iform.radiusserver2acctport.disabled = 1;
document.iform.radiussecret2.disabled = 1;
document.iform.wins.disabled = 1;
document.iform.radiusissueips.disabled = 1;
@@ -276,7 +312,7 @@ function enable_change(enable_over) {
<tr>
<td width="22%" valign="top" class="vtable">&nbsp;</td>
<td width="78%" class="vtable">
-<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>
+ <input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked"; ?>>
Redirect incoming PPTP connections to:</td>
<tr>
<td width="22%" valign="top" class="vncellreq">PPTP redirection</td>
@@ -288,14 +324,9 @@ function enable_change(enable_over) {
<tr>
<td width="22%" valign="top" class="vtable">&nbsp;</td>
<td width="78%" class="vtable">
-<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>
+ <input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>
Enable PPTP server</td>
- <tr>
- <td width="22%" valign="top" class="vncellreq">Max. concurrent
- connections</td>
- <td width="78%" class="vtable">
- <?=$g['n_pptp_units'];?>
- </td>
+ </tr>
<tr>
<td width="22%" valign="top" class="vncellreq">Server address</td>
<td width="78%" class="vtable">
@@ -347,22 +378,63 @@ function enable_change(enable_over) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncellreq">PPTP DNS Servers</td>
+ <td width="78%" class="vtable">
+ <?=$mandfldhtml;?><input name="pptp_dns1" type="text" class="formfld" id="pptp_dns1" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns1']);?>">
+ <br>
+ <input name="pptp_dns2" type="text" class="formfld" id="pptp_dns2" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns2']);?>">
+ <br>
+
+ primary and secondary dns servers for pptp clients<br>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">WINS Server</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="wins" class="formfld" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>">
+ </td>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell">RADIUS</td>
<td width="78%" class="vtable">
<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>
- <strong>Use a RADIUS server for authentication<br>
- </strong>When set, all users will be authenticated using
+ <strong>Use a RADIUS server for authentication</strong><br>
+ When set, all users will be authenticated using
the RADIUS server specified below. The local user database
will not be used.<br>
<br>
<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>
<strong>Enable RADIUS accounting <br>
- </strong>Sends accounting packets to the RADIUS server.</td>
+ </strong>Sends accounting packets to the RADIUS server.<br>
+ <br>
+ <input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>>
+ <strong>backup RADIUS server for failover authentication</strong><br>
+ When set, if primary radius fails all request will go to the backup server</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Radius NAS IP</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="radius_nasip" class="formfld" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Radius Accounting Update</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="radius_acct_update" class="formfld" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>">
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">RADIUS issued IP's</td>
+ <td width="78%" valign="top" class="vtable">
+ <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>>
+ <br>Issue IP Addresses via RADIUS server.
+ </td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell">RADIUS server </td>
<td width="78%" class="vtable">
<input name="radiusserver" type="text" class="formfld" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">
+ <input name="radiusserverport" type="text" class="formfld" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>">
+ <input name="radiusserveracctport" type="text" class="formfld" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>">
<br>
Enter the IP address of the RADIUS server.</td>
</tr>
@@ -374,17 +446,12 @@ function enable_change(enable_over) {
Enter the shared secret that will be used to authenticate
to the RADIUS server.</td>
</tr>
- <td width="78%" class="vtable">
- <input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>>
- <strong>Use a backup RADIUS server for failover authentication<br>
- </strong>When set, all users will be authenticated using
- the RADIUS server specified below. The local user database
- will not be used</td>
- </tr>
<tr>
<td width="22%" valign="top" class="vncell">BACKUP RADIUS server </td>
<td width="78%" class="vtable">
<input name="radiusserver2" type="text" class="formfld" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>">
+ <input name="radiusserver2port" type="text" class="formfld" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>">
+ <input name="radiusserver2acctport" type="text" class="formfld" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>">
<br>
Enter the IP address of the RADIUS server.</td>
</tr>
@@ -397,32 +464,6 @@ function enable_change(enable_over) {
to the RADIUS server.</td>
</tr>
<tr>
- <td width="22%" valign="top" class="vncell">Radius NAS IP</td>
- <td width="78%" valign="top" class="vtable">
- <input name="radius_nasip" class="formfld" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>">
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Radius Accounting Update</td>
- <td width="78%" valign="top" class="vtable">
- <input name="radius_acct_update" class="formfld" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>">
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">RADIUS issued IP's</td>
- <td width="78%" valign="top" class="vtable">
- <input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>>
- <br>Issue IP Addresses via RADIUS server.
-
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">WINS Server</td>
- <td width="78%" valign="top" class="vtable">
- <input name="wins" class="formfld" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>">
- </td>
- </tr>
- <tr>
<td height="16" colspan="2" valign="top"></td>
</tr>
<tr>
@@ -461,4 +502,3 @@ enable_change(false);
<?php include("fend.inc"); ?>
</body>
</html>
-
OpenPOWER on IntegriCloud