Révision 4767004f
Ajouté par Ermal il y a presque 10 ans
etc/inc/vpn.inc | ||
---|---|---|
647 | 647 |
if ($ph1ent['lifetime']) |
648 | 648 |
$lifeline = "ikelifetime = {$ph1ent['lifetime']}s"; |
649 | 649 |
|
650 |
$remoteid_spec = ''; |
|
650 | 651 |
if (($ph2ent['mode'] == 'tunnel') or ($ph2ent['mode'] == 'tunnel6')) { |
651 | 652 |
$tunneltype = "type = tunnel"; |
652 | 653 |
|
... | ... | |
681 | 682 |
} |
682 | 683 |
|
683 | 684 |
if (!isset($ph2ent['mobile'])) { |
684 |
$remoteid_type = $ph2ent['remoteid']['type']; |
|
685 |
if ($remoteid_type != "address") |
|
686 |
$remoteid_type = "subnet"; |
|
687 |
|
|
688 | 685 |
$remoteid_data = ipsec_idinfo_to_cidr($ph2ent['remoteid'], false, $ph2ent['mode']); |
689 |
$remoteid_spec = $remoteid_data; |
|
690 |
} |
|
686 |
$remoteid_spec = "\trightsubnet = {$remoteid_data}"; |
|
687 |
} else if (!empty($a_client['pool_address'])) |
|
688 |
$remoteid_spec = "\trightsourceip = {$a_client['pool_address']}/{$a_client['pool_netbits']}"; |
|
691 | 689 |
} else { |
692 | 690 |
$tunneltype = "type = transport"; |
693 | 691 |
$rgip = $ph1ent['remote-gateway']; |
... | ... | |
701 | 699 |
$localid_spec = $ep; |
702 | 700 |
} |
703 | 701 |
if (!isset($ph2ent['mobile'])) { |
704 |
$remoteid_spec = $rgip;
|
|
702 |
$remoteid_spec = "\trightsubnet = {$rgip}";
|
|
705 | 703 |
} |
706 | 704 |
} |
707 | 705 |
$authentication = ""; |
... | ... | |
810 | 808 |
EOD; |
811 | 809 |
|
812 | 810 |
if (!empty($remoteid_spec)) |
813 |
$ipsecconf .= "\trightsubnet = $remoteid_spec\n";
|
|
811 |
$ipsecconf .= "{$remoteid_spec}\n";
|
|
814 | 812 |
if (!empty($ealgosp1)) |
815 | 813 |
$ipsecconf .= "\t{$ealgosp1}\n"; |
816 | 814 |
if (!empty($ealgosp2)) |
Formats disponibles : Unified diff
Use the right specification for ahnding over the subnet to mobile clients