[strongSwan] Please help this assign different ippool any problem?
Yanrui Hu
yhu at appannie.com
Tue Oct 27 02:43:22 CET 2015
I indeed is going to use on strongswan.
No such samples in strongswan, I read the wiki everyday and never see such
sample.
On Mon, Oct 26, 2015 at 7:23 PM, zhuyj <mounter625 at 163.com> wrote:
> You can refer to samples of strong swan, there are a lot of samples. Maybe
> it can help you!
>
> 发自我的 iPhone
>
> 在 2015年10月26日,17:44,Yanrui Hu <yhu at appannie.com> 写道:
>
> Guys,
> I start a new thread cause this question is more specific.
> To be simple, let me introduce the configuration:
>
> In file: users
> DEFAULT SQL-Group == "restricted", Pool-Name := "main_pool"
> Fall-Through = Yes
>
> DEFAULT Pool-Name := "tc_pool"
> Fall-Through = Yes
>
> In file:modules/ippool
> ippool main_pool {
> range-start = 172.16.10.1
> range-stop = 172.16.10.254
> netmask = 255.255.255.0
> cache-size = 254
> session-db = ${raddbdir}/db.ipmainpool
> ip-index = ${raddbdir}/db.ipmainindex
> override = no
> maximum-timeout = 0
> }
> ippool tc_pool {
> range-start = 172.16.11.1
> range-stop = 172.16.11.254
> netmask = 255.255.255.0
> cache-size = 254
> session-db = ${raddbdir}/db.ipsecondarypool
> ip-index = ${raddbdir}/db.ipsecondaryindex
> override = no
> maximum-timeout = 0
> }
> In file: site-enabled/default
> under accounting and post-auth
> if (SQL-Group == "restricted") {
> main_pool
> }
> else {
> tc_pool
> }
>
> I have put some user into restricted group in db. and want these users get
> different ippool, but seems when use main_pool as above, vpn client can not
> connect. Is there any reason that two ippool can not exist together?
>
> --
> Best Regards,
>
> Yanrui Hu
>
> *This email may contain or reference confidential information and is
> intended only for the individual to whom it is addressed. Please refrain
> from distributing, disclosing or copying this email and the information
> contained within unless you are the intended recipient. If you received
> this email in error, please notify us at legal at appannie.com
> <legal at appannie.com>** immediately and remove it from your system.*
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
>
--
Best Regards,
Yanrui Hu
--
*This email may contain or reference confidential information and is
intended only for the individual to whom it is addressed. Please refrain
from distributing, disclosing or copying this email and the information
contained within unless you are the intended recipient. If you received
this email in error, please notify us at legal at appannie.com
<legal at appannie.com>** immediately and remove it from your system.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151027/c6454c02/attachment-0001.html>
More information about the Users
mailing list