diff options
author | Renato Botelho <renato@netgate.com> | 2017-07-31 16:33:33 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2017-07-31 16:33:33 -0300 |
commit | 3919438729fb2451e14b1940a09b88c8bd785efb (patch) | |
tree | 5c473ac157db2c20c4d954cdba0ac911d4e707e8 /src/etc | |
parent | 16dec2f300369c67746c500fd9bb805c11c7cb18 (diff) | |
parent | 376e6f6719e6463913045b233ca90d69254057ff (diff) | |
download | pfsense-3919438729fb2451e14b1940a09b88c8bd785efb.zip pfsense-3919438729fb2451e14b1940a09b88c8bd785efb.tar.gz |
Merge pull request #3770 from hamnur/master
Diffstat (limited to 'src/etc')
-rw-r--r-- | src/etc/inc/vpn.inc | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 1398135..6390aed 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -489,12 +489,19 @@ EOD; } } + /* Activate RADIUS accounting if it was selected on the auth server view */ + $radius_accounting = ""; + if($auth_server && isset($auth_server['radius_acct_port'])){ + $radius_accounting = 'accounting = yes'; + } + /* write an eap-radius config section if appropriate */ if (strlen($radius_server_txt) && ($mobile_ipsec_auth === "eap-radius")) { $strongswan .= <<<EOD eap-radius { class_group = yes eap_start = no + {$radius_accounting} servers { {$radius_server_txt} } @@ -1101,10 +1108,14 @@ EOD; } else { $reauth = "reauth = yes"; } + if (isset($ph1ent['rekey_enable'])) { - $rekey = "rekey = no"; + $rekeyline = "rekey = no"; } else { - $rekey = "rekey = yes"; + $rekeyline = "rekey = yes"; + if(!empty($ph1ent['margintime'])){ + $rekeyline .= "\n\tmargintime = {$ph1ent['margintime']}s"; + } } if ($ph1ent['nat_traversal'] == 'off') { @@ -1303,7 +1314,7 @@ EOD; {$forceencaps} {$mobike} {$tfc} - {$rekey} + {$rekeyline} installpolicy = yes {$tunneltype} {$dpdline} |