diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2007-06-30 20:57:30 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2007-06-30 20:57:30 +0000 |
commit | 66cc67c6ececa3adfa666afc703a6d998f863220 (patch) | |
tree | a67cb95bd2f28edfa9f4e99021afeb95202afb1b /etc | |
parent | d584a8978edad7136c91628a675b626b389a4aa3 (diff) | |
download | pfsense-66cc67c6ececa3adfa666afc703a6d998f863220.zip pfsense-66cc67c6ececa3adfa666afc703a6d998f863220.tar.gz |
Add ASN1DN identities support to IPSEC.
Subbmitted-by: Nic Bernstein <nic_AT_onlight.com>
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/vpn.inc | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 23e3439..cbeff52 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -315,6 +315,9 @@ function vpn_ipsec_configure($ipchg = false) { } else if (isset($tunnel['p1']['myident']['ufqdn'])) { $myidentt = "user_fqdn"; $myident = $tunnel['p1']['myident']['ufqdn']; + } else if (isset($tunnel['p1']['myident']['asn1dn'])) { + $myidentt = "asn1dn"; + $myident = $tunnel['p1']['myident']['asn1dn']; } else if (isset($tunnel['p1']['myident']['dyn_dns'])) { $myidentt = "dyn_dns"; $myident = gethostbyname($tunnel['p1']['myident']['dyn_dns']); @@ -376,10 +379,13 @@ function vpn_ipsec_configure($ipchg = false) { EOD; } } + $myidentifier = $myidentt; + if (!empty($myident)) + $myidentifier .= ' "' . $myident . '"'; $racoonconf .= <<<EOD remote {$tunnel['remote-gateway']} \{ exchange_mode {$tunnel['p1']['mode']}; - my_identifier {$myidentt} "{$myident}"; + my_identifier {$myidentifier}; {$certline} peers_identifier address {$tunnel['remote-gateway']}; initial_contact on; @@ -440,6 +446,9 @@ EOD; } else if (isset($tunnel['p1']['myident']['ufqdn'])) { $myidentt = "user_fqdn"; $myident = $tunnel['p1']['myident']['ufqdn']; + } else if (isset($tunnel['p1']['myident']['asn1dn'])) { + $myidentt = "asn1dn"; + $myident = $tunnel['p1']['myident']['asn1dn']; } if (isset($tunnel['p1']['authentication_method'])) { |