Re: limiting access thru pptp

To: debian-firewall@lists.debian.org
Subject: Re: limiting access thru pptp
From: Tarragon Allen <tarragon@onthe.net.au>
Date: Fri, 31 Oct 2003 10:29:36 +1100
Message-id: <[🔎] 200310311029.36084.tarragon@onthe.net.au>
In-reply-to: <[🔎] 20031030161730.GD9775@king.floater.org>
References: <[🔎] 20031029224036.GB19683@bayes.biologie.hu-berlin.de> <[🔎] 20031030161730.GD9775@king.floater.org>

On Friday 31 October 2003 03:17, Andrei D. Caraman wrote:
> A closer scan of pppd manuals would reveal that you can, in
> fact, assign per-user IP addresses.  The trick is to have the
> lines in /etc/ppp/{pap,chap}-secrets in the format:
>
> username	server	secret	IP_address
>
> for example:
>
> stephan		*	beirer	192.168.168.192
>
> Then make sure your /etc/pptpd.conf file correctly states the
> intended range for remote ip addresses, as in
>
> remoteip	192.168.168.190-220
>
> That should be all.

Actually, the final step (setting the remoteip range) isn't required. I have a 
pptp server that assigns static ips to clients and I have no remoteip line at 
all. The remoteip line just gives the pptp daemon a range to pull from, 
similar to dhcp - if you're setting statics in the {pap,chap}.secrets file, 
then remoteip doesn't need to be defined at all. Just thought I'd clarify 
this.

t
-- 
GPG: http://n12turbo.com/tarragon/public.key

Reply to:

References:
- limiting access thru pptp
  - From: stephan beirer <beirer-debfw@itb.biologie.hu-berlin.de>
- Re: limiting access thru pptp
  - From: "Andrei D. Caraman" <adc@floater.org>

Prev by Date: Help needed regarding IXP1200
Next by Date: Re: please help me
Previous by thread: Re: limiting access thru pptp
Next by thread: Re: limiting access thru pptp
Index(es):
- Date
- Thread