Révision 4767004f
Ajouté par Ermal il y a presque 10 ans
| etc/inc/vpn.inc | ||
|---|---|---|
| 647 | 647 |
if ($ph1ent['lifetime']) |
| 648 | 648 |
$lifeline = "ikelifetime = {$ph1ent['lifetime']}s";
|
| 649 | 649 |
|
| 650 |
$remoteid_spec = ''; |
|
| 650 | 651 |
if (($ph2ent['mode'] == 'tunnel') or ($ph2ent['mode'] == 'tunnel6')) {
|
| 651 | 652 |
$tunneltype = "type = tunnel"; |
| 652 | 653 |
|
| ... | ... | |
| 681 | 682 |
} |
| 682 | 683 |
|
| 683 | 684 |
if (!isset($ph2ent['mobile'])) {
|
| 684 |
$remoteid_type = $ph2ent['remoteid']['type']; |
|
| 685 |
if ($remoteid_type != "address") |
|
| 686 |
$remoteid_type = "subnet"; |
|
| 687 |
|
|
| 688 | 685 |
$remoteid_data = ipsec_idinfo_to_cidr($ph2ent['remoteid'], false, $ph2ent['mode']); |
| 689 |
$remoteid_spec = $remoteid_data; |
|
| 690 |
} |
|
| 686 |
$remoteid_spec = "\trightsubnet = {$remoteid_data}";
|
|
| 687 |
} else if (!empty($a_client['pool_address'])) |
|
| 688 |
$remoteid_spec = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}";
|
|
| 691 | 689 |
} else {
|
| 692 | 690 |
$tunneltype = "type = transport"; |
| 693 | 691 |
$rgip = $ph1ent['remote-gateway']; |
| ... | ... | |
| 701 | 699 |
$localid_spec = $ep; |
| 702 | 700 |
} |
| 703 | 701 |
if (!isset($ph2ent['mobile'])) {
|
| 704 |
$remoteid_spec = $rgip;
|
|
| 702 |
$remoteid_spec = "\trightsubnet = {$rgip}";
|
|
| 705 | 703 |
} |
| 706 | 704 |
} |
| 707 | 705 |
$authentication = ""; |
| ... | ... | |
| 810 | 808 |
EOD; |
| 811 | 809 |
|
| 812 | 810 |
if (!empty($remoteid_spec)) |
| 813 |
$ipsecconf .= "\trightsubnet = $remoteid_spec\n";
|
|
| 811 |
$ipsecconf .= "{$remoteid_spec}\n";
|
|
| 814 | 812 |
if (!empty($ealgosp1)) |
| 815 | 813 |
$ipsecconf .= "\t{$ealgosp1}\n";
|
| 816 | 814 |
if (!empty($ealgosp2)) |
Formats disponibles : Unified diff
Use the right specification for ahnding over the subnet to mobile clients