Bug #13450
openL2TP Clients system alias is not populated
% Done: 0%
Plus Target Version: Plus-Next
Release Notes: Default
Affected Version: 2.6.0
Affected Architecture: All
Description
After creating an L2TP server and defining a 'Remote address range' for clients it should be possible to use that in firewall rules using the 'L2TP Clients' system alias.
However that alias is not populated so rules using it are never created.
For example this rule:
<rule>
    <id></id>
    <tracker>1661518708</tracker>
    <type>pass</type>
    <interface>l2tp</interface>
    <ipprotocol>inet</ipprotocol>
    <tag></tag>
    <tagged></tagged>
    <max></max>
    <max-src-nodes></max-src-nodes>
    <max-src-conn></max-src-conn>
    <max-src-states></max-src-states>
    <statetimeout></statetimeout>
    <statetype><![CDATA[keep state]]></statetype>
    <os></os>
    <source>
        <network>l2tp</network>
    </source>
    <destination>
        <network>lan</network>
    </destination>
    <descr><![CDATA[Test L2TP]]></descr>
</rule>
Results in:
# source address is empty. label "USER_RULE: Test L2TP"
However, the l2tp client subnet does appear in the tonat list; it is recognised correctly.
Tested in 2.6 and 22.05.
Updated by Steve Wheeler over 2 years ago
Tested using l2tp config:
<l2tp>
    <radius>
        <server></server>
        <secret></secret>
    </radius>
    <remoteip>10.99.0.0</remoteip>
    <localip>10.99.0.128</localip>
    <l2tp_subnet>25</l2tp_subnet>
    <mode>server</mode>
    <interface>wan</interface>
    <n_l2tp_units>10</n_l2tp_units>
    <secret></secret>
    <paporchap>chap</paporchap>
    <dns1>10.99.0.128</dns1>
    <user>
        <name>test1</name>
        <ip></ip>
        <password><![CDATA[12345]]></password>
    </user>
</l2tp>
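An added example, not part of the original report and not pfSense code: it reads a config fragment and generated ruleset text, computes the network the 'L2TP Clients' alias would be expected to hold, and lists rules that were emitted as comments instead of pf rules. The sample inputs are constructed from the fragments above; the function names, the reading of `remoteip`/`l2tp_subnet` as address and prefix length, and the "destination" variant of the comment line are assumptions.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

# Constructed sample: trimmed copies of the <l2tp> and <rule> fragments from the report.
CONFIG = """<pfsense>
  <l2tp><remoteip>10.99.0.0</remoteip><l2tp_subnet>25</l2tp_subnet><mode>server</mode></l2tp>
  <filter><rule>
    <type>pass</type><interface>l2tp</interface>
    <source><network>l2tp</network></source>
    <destination><network>lan</network></destination>
    <descr><![CDATA[Test L2TP]]></descr>
  </rule></filter>
</pfsense>"""

# Constructed ruleset text; the second line is the output quoted in the report.
RULESET = '''pass in quick on em1 inet from 192.168.1.0/24 to any label "USER_RULE: Allow LAN"
# source address is empty. label "USER_RULE: Test L2TP"
'''

# The "destination" variant is an assumption made by analogy with the quoted line.
SKIPPED = re.compile(r'^#\s*(source|destination) address is empty\.\s*label "([^"]*)"')


def expected_l2tp_network(root):
    """Assumed alias content: remoteip/l2tp_subnet when the L2TP server is enabled."""
    l2tp = root.find("l2tp")
    if l2tp is None or l2tp.findtext("mode") != "server":
        return None
    cidr = f"{l2tp.findtext('remoteip')}/{l2tp.findtext('l2tp_subnet')}"
    return str(ipaddress.ip_network(cidr, strict=False))


def rules_using_l2tp(root):
    """Descriptions of rules whose source or destination network is 'l2tp'."""
    sides = ("source/network", "destination/network")
    return [r.findtext("descr", default="") for r in root.iter("rule")
            if "l2tp" in (r.findtext(s) for s in sides)]


def skipped_rules(ruleset_text):
    """(side, label) for each rule emitted as a comment instead of a pf rule."""
    return [m.groups() for line in ruleset_text.splitlines() if (m := SKIPPED.match(line))]


def audit(config_xml, ruleset_text):
    """Return (expected alias network, rules referencing it, rules skipped in the ruleset)."""
    root = ET.fromstring(config_xml)
    return expected_l2tp_network(root), rules_using_l2tp(root), skipped_rules(ruleset_text)


if __name__ == "__main__":
    print(audit(CONFIG, RULESET))
```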