diff options
| author | Ermal <eri@pfsense.org> | 2014-09-09 17:28:39 +0200 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2014-09-09 17:28:39 +0200 |
| commit | 76fa9adb236ba342311190a044f0439aab9425d7 (patch) | |
| tree | 14cc80c999a6c9b03d71fe22fdd5d4fd136b619b /etc/inc/vpn.inc | |
| parent | b22ef1602bfba55c6b816181bcf61e7b1d5f433e (diff) | |
| download | pfsense-76fa9adb236ba342311190a044f0439aab9425d7.zip pfsense-76fa9adb236ba342311190a044f0439aab9425d7.tar.gz | |
Blah unconditionally set rightsourceip per https://forum.pfsense.org/index.php?topic=80300.0 Until pools can be supported properly.
Diffstat (limited to 'etc/inc/vpn.inc')
| -rw-r--r-- | etc/inc/vpn.inc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 0a9ce06..3f4cb76 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -586,8 +586,11 @@ EOD; if ($ph1ent['lifetime']) $ikelifeline = "ikelifetime = {$ph1ent['lifetime']}s"; - $authentication = ""; $rightsourceip = NULL; + if (!empty($a_client['pool_address'])) + $rightsourceip = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}\n"; + + $authentication = ""; switch ($ph1ent['authentication_method']) { case 'xauth_rsa_server': $authentication = "leftauth = pubkey\n\trightauth = pubkey"; @@ -596,8 +599,6 @@ EOD; case 'xauth_psk_server': $authentication = "leftauth = psk\n\trightauth = psk"; $authentication .= "\n\trightauth2 = xauth-generic"; - if (!empty($a_client['pool_address'])) - $rightsourceip = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}\n"; break; case 'pre_shared_key': $authentication = "leftauth = psk\n\trightauth = psk"; |
