welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add lcp_renegotiation option

Browse source 
To support proxy LCP negotiation.

Note: we *have* to take the auth id from the proxy answer, otherwise we would
replay previous ids, for which the client might cache the answer and thus
ignore our new challenge and just repeat their outdated answer.
This commit is contained in:
Samuel Thibault 2025-03-08 20:09:33 -05:00
parent 817ce35748
commit e7db528544
6 changed files with 388 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

12
docs/src/html/manual.md
View file

@ -159,6 +159,18 @@ should be set by a line like: set configstring \"value\" set ipaddress
: PPP counter and timer values, as described in §4.1 of
[RFC1661](ftp://ftp.rfc-editor.org/in-notes/rfc1661.txt).
`lcp_renegotiation` (string)
: By default (`always`), we renegotiate LCP even if the LAC already did with
the client.
We can avoid the LCP renegotiation (proxy LCP negotiation), unless what was
already negotiated is not fine for us (`on-mismatch`). To be noted: we will
accept not using our preferred RADIUS authentication method.
This is notably useful when the LAC cannot pass LCP configuration through,
and thus we have to try to accept what was already negotiated by the LAC
with the client.
`primary_dns` (ip address); `econdary_dns` (ip address)
: Whenever a PPP connection is established, DNS servers will be sent