/usr/local/www/vpn_pptp.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_pptp.php @ 048dd7b9

1	5b237745	Scott Ullrich	<?php
2			/*
3			vpn_pptp.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	e2411886	Scott Ullrich
6			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	e2411886	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	e2411886	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	e2411886	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	e2411886	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30
31	6b07c15a	Matthew Grooms	##\|+PRIV
32			##\|*IDENT=page-vpn-vpnpptp
33			##\|*NAME=VPN: VPN PPTP page
34			##\|*DESCR=Allow access to the 'VPN: VPN PPTP' page.
35			##\|MATCH=vpn_pptp.php
36			##\|-PRIV
37
38	5b237745	Scott Ullrich	require("guiconfig.inc");
39	7a927e67	Scott Ullrich	require_once("functions.inc");
40			require_once("filter.inc");
41			require_once("shaper.inc");
42	483e6de8	Scott Ullrich	require_once("vpn.inc");
43	5b237745	Scott Ullrich
44			if (!is_array($config['pptpd']['radius'])) {
45			$config['pptpd']['radius'] = array();
46			}
47			$pptpcfg = &$config['pptpd'];
48
49			$pconfig['remoteip'] = $pptpcfg['remoteip'];
50			$pconfig['localip'] = $pptpcfg['localip'];
51			$pconfig['redir'] = $pptpcfg['redir'];
52			$pconfig['mode'] = $pptpcfg['mode'];
53	10d470b9	Scott Ullrich	$pconfig['wins'] = $pptpcfg['wins'];
54	5b237745	Scott Ullrich	$pconfig['req128'] = isset($pptpcfg['req128']);
55	07cae4b2	Scott Ullrich	$pconfig['n_pptp_units'] = $pptpcfg['n_pptp_units'];
56	c8c416db	Scott Ullrich	$pconfig['pptp_dns1'] = $pptpcfg['dns1'];
57			$pconfig['pptp_dns2'] = $pptpcfg['dns2'];
58	71569a7e	jim-p	$pconfig['radiusenable'] = isset($pptpcfg['radius']['server']['enable']);
59	c8c416db	Scott Ullrich	$pconfig['radiusissueips'] = isset($pptpcfg['radius']['radiusissueips']);
60			$pconfig['radiussecenable'] = isset($pptpcfg['radius']['server2']['enable']);
61			$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
62			$pconfig['radiusserver'] = $pptpcfg['radius']['server']['ip'];
63			$pconfig['radiusserverport'] = $pptpcfg['radius']['server']['port'];
64			$pconfig['radiusserveracctport'] = $pptpcfg['radius']['server']['acctport'];
65			$pconfig['radiussecret'] = $pptpcfg['radius']['server']['secret'];
66			$pconfig['radiusserver2'] = $pptpcfg['radius']['server2']['ip'];
67			$pconfig['radiusserver2port'] = $pptpcfg['radius']['server2']['port'];
68			$pconfig['radiusserver2acctport'] = $pptpcfg['radius']['server2']['acctport'];
69			$pconfig['radiussecret2'] = $pptpcfg['radius']['server2']['secret2'];
70			$pconfig['radius_acct_update'] = $pptpcfg['radius']['acct_update'];
71			$pconfig['radius_nasip'] = $pptpcfg['radius']['nasip'];
72	5b237745	Scott Ullrich
73			if ($_POST) {
74
75	7eaf04fd	Erik Fonnesbeck	if (isset($input_errors))
76			unset($input_errors);
77	5b237745	Scott Ullrich	$pconfig = $_POST;
78
79			/* input validation */
80			if ($_POST['mode'] == "server") {
81			$reqdfields = explode(" ", "localip remoteip");
82	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("Server address"),gettext("Remote start address"));
83	e2411886	Scott Ullrich
84	5b237745	Scott Ullrich	if ($_POST['radiusenable']) {
85			$reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
86	e2411886	Scott Ullrich	$reqdfieldsn = array_merge($reqdfieldsn,
87	989d117b	Rafael Lucas	array(gettext("RADIUS server address"),gettext("RADIUS shared secret")));
88	5b237745	Scott Ullrich	}
89	e2411886	Scott Ullrich
90	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
91	e2411886	Scott Ullrich
92	5b237745	Scott Ullrich	if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
93	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid server address must be specified.");
94	5b237745	Scott Ullrich	}
95	0a0b17d9	Renato Botelho	if (is_ipaddr_configured($_POST['localip'])) {
96			$input_errors[] = gettext("'Server address' parameter should NOT be set to any IP address currently in use on this firewall.");
97			}
98	2f31946f	jim-p	if (!is_ipaddr($_POST['remoteip'])) {
99	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid remote start address must be specified.");
100	5b237745	Scott Ullrich	}
101			if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
102	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid RADIUS server address must be specified.");
103	5b237745	Scott Ullrich	}
104	e2411886	Scott Ullrich
105			if (!$input_errors) {
106	96033063	Erik Fonnesbeck	$subnet_start = ip2ulong($_POST['remoteip']);
107			$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1;
108	e2411886	Scott Ullrich
109	96033063	Erik Fonnesbeck	if ((ip2ulong($_POST['localip']) >= $subnet_start) &&
110			(ip2ulong($_POST['localip']) <= $subnet_end)) {
111	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address lies in the remote subnet.");
112	5b237745	Scott Ullrich	}
113	2f31946f	jim-p	// TODO: Should this check be for any local IP address?
114	045c9cc9	sullrich	if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
115	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
116	5b237745	Scott Ullrich	}
117			}
118			} else if ($_POST['mode'] == "redir") {
119			$reqdfields = explode(" ", "redir");
120	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("PPTP redirection target address"));
121	e2411886	Scott Ullrich
122	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
123	e2411886	Scott Ullrich
124	5b237745	Scott Ullrich	if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
125	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid target address must be specified.");
126	5b237745	Scott Ullrich	}
127	7eaf04fd	Erik Fonnesbeck	} else if (isset($config['pptpd']['mode'])) {
128	963d012d	Scott Ullrich	unset($config['pptpd']['mode']);
129	5b237745	Scott Ullrich	}
130
131			if (!$input_errors) {
132			$pptpcfg['remoteip'] = $_POST['remoteip'];
133			$pptpcfg['redir'] = $_POST['redir'];
134	c8c416db	Scott Ullrich	$pptpcfg['localip'] = $_POST['localip'];
135	5b237745	Scott Ullrich	$pptpcfg['mode'] = $_POST['mode'];
136	10d470b9	Scott Ullrich	$pptpcfg['wins'] = $_POST['wins'];
137	07cae4b2	Scott Ullrich	$pptpcfg['n_pptp_units'] = $_POST['n_pptp_units'];
138	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['ip'] = $_POST['radiusserver'];
139			$pptpcfg['radius']['server']['port'] = $_POST['radiusserverport'];
140			$pptpcfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
141			$pptpcfg['radius']['server']['secret'] = $_POST['radiussecret'];
142			$pptpcfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
143			$pptpcfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
144			$pptpcfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
145			$pptpcfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
146			$pptpcfg['radius']['nasip'] = $_POST['radius_nasip'];
147			$pptpcfg['radius']['acct_update'] = $_POST['radius_acct_update'];
148
149	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns1'] == "") {
150			if (isset($pptpcfg['dns1']))
151			unset($pptpcfg['dns1']);
152			} else
153	c8c416db	Scott Ullrich	$pptpcfg['dns1'] = $_POST['pptp_dns1'];
154
155	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns2'] == "") {
156			if (isset($pptpcfg['dns2']))
157			unset($pptpcfg['dns2']);
158			} else
159	c8c416db	Scott Ullrich	$pptpcfg['dns2'] = $_POST['pptp_dns2'];
160	33eaec88	Scott Ullrich
161			if($_POST['req128'] == "yes")
162			$pptpcfg['req128'] = true;
163	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['req128']))
164	33eaec88	Scott Ullrich	unset($pptpcfg['req128']);
165
166			if($_POST['radiusenable'] == "yes")
167	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['enable'] = true;
168	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server']['enable']))
169	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server']['enable']);
170	e2411886	Scott Ullrich
171	07cae4b2	Scott Ullrich	if($_POST['radiussecenable'] == "yes")
172	c07b2675	jim-p	$pptpcfg['radius']['server2']['enable'] = true;
173	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server2']['enable']))
174	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server2']['enable']);
175	07cae4b2	Scott Ullrich
176	33eaec88	Scott Ullrich	if($_POST['radacct_enable'] == "yes")
177			$pptpcfg['radius']['accounting'] = true;
178	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['accounting']))
179	33eaec88	Scott Ullrich	unset($pptpcfg['radius']['accounting']);
180
181	07cae4b2	Scott Ullrich	if($_POST['radiusissueips'] == "yes") {
182			$pptpcfg['radius']['radiusissueips'] = true;
183	7eaf04fd	Erik Fonnesbeck	} else if (isset($pptpcfg['radius']['radiusissueips']))
184	07cae4b2	Scott Ullrich	unset($pptpcfg['radius']['radiusissueips']);
185
186	5b237745	Scott Ullrich	write_config();
187	e2411886	Scott Ullrich
188	5b237745	Scott Ullrich	$retval = 0;
189	72bd8df5	Ermal Lu?i	$retval = vpn_pptpd_configure();
190	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
191	34947a64	Scott Ullrich
192			filter_configure();
193	5b237745	Scott Ullrich	}
194			}
195	4df96eff	Scott Ullrich
196	989d117b	Rafael Lucas	$pgtitle = array(gettext("VPN"),gettext("VPN PPTP"));
197	b32dd0a6	jim-p	$shortcut_section = "pptps";
198	4df96eff	Scott Ullrich	include("head.inc");
199
200	5b237745	Scott Ullrich	?>
201	422f27c0	Scott Ullrich
202			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
203	e2411886	Scott Ullrich	<?php include("fbegin.inc"); ?>
204	91f026b0	ayvis	<script type="text/javascript">
205	572f4f09	Colin Fleming	//<![CDATA[
206	5b237745	Scott Ullrich	function get_radio_value(obj)
207			{
208			for (i = 0; i < obj.length; i++) {
209			if (obj[i].checked)
210			return obj[i].value;
211			}
212			return null;
213			}
214
215			function enable_change(enable_over) {
216			if ((get_radio_value(document.iform.mode) == "server") \|\| enable_over) {
217			document.iform.remoteip.disabled = 0;
218			document.iform.localip.disabled = 0;
219			document.iform.req128.disabled = 0;
220			document.iform.radiusenable.disabled = 0;
221	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 0;
222	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 0;
223	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 0;
224	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 0;
225			document.iform.pptp_dns2.disabled = 0;
226	e2411886	Scott Ullrich
227	5b237745	Scott Ullrich	if (document.iform.radiusenable.checked \|\| enable_over) {
228	07cae4b2	Scott Ullrich	document.iform.radiussecenable.disabled = 0;
229	5b237745	Scott Ullrich	document.iform.radacct_enable.disabled = 0;
230			document.iform.radiusserver.disabled = 0;
231	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 0;
232			document.iform.radiusserveracctport.disabled = 0;
233	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 0;
234	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 0;
235			document.iform.radius_acct_update.disabled = 0;
236			document.iform.radiusissueips.disabled = 0;
237	c8c416db	Scott Ullrich	if (document.iform.radiussecenable.checked \|\| enable_over) {
238			document.iform.radiusserver2.disabled = 0;
239			document.iform.radiussecret2.disabled = 0;
240			document.iform.radiusserver2port.disabled = 0;
241			document.iform.radiusserver2acctport.disabled = 0;
242			} else {
243
244			document.iform.radiusserver2.disabled = 1;
245			document.iform.radiussecret2.disabled = 1;
246			document.iform.radiusserver2port.disabled = 1;
247			document.iform.radiusserver2acctport.disabled = 1;
248			}
249	5b237745	Scott Ullrich	} else {
250			document.iform.radacct_enable.disabled = 1;
251			document.iform.radiusserver.disabled = 1;
252	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
253	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
254	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
255	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
256	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
257			document.iform.radius_acct_update.disabled = 1;
258			document.iform.radiusissueips.disabled = 1;
259	114a9292	jim-p	document.iform.radiusserver2.disabled = 1;
260			document.iform.radiussecret2.disabled = 1;
261			document.iform.radiusserver2port.disabled = 1;
262			document.iform.radiusserver2acctport.disabled = 1;
263	07cae4b2	Scott Ullrich	}
264
265	5b237745	Scott Ullrich	} else {
266			document.iform.remoteip.disabled = 1;
267			document.iform.localip.disabled = 1;
268			document.iform.req128.disabled = 1;
269	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 1;
270	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 1;
271			document.iform.pptp_dns2.disabled = 1;
272	5b237745	Scott Ullrich	document.iform.radiusenable.disabled = 1;
273			document.iform.radacct_enable.disabled = 1;
274			document.iform.radiusserver.disabled = 1;
275	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
276	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
277	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
278	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
279	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
280			document.iform.radius_acct_update.disabled = 1;
281			document.iform.radiussecenable.disabled = 1;
282			document.iform.radiusserver2.disabled = 1;
283	c8c416db	Scott Ullrich	document.iform.radiusserver2port.disabled = 1;
284			document.iform.radiusserver2acctport.disabled = 1;
285	07cae4b2	Scott Ullrich	document.iform.radiussecret2.disabled = 1;
286	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 1;
287	07cae4b2	Scott Ullrich	document.iform.radiusissueips.disabled = 1;
288	5b237745	Scott Ullrich	}
289			if ((get_radio_value(document.iform.mode) == "redir") \|\| enable_over) {
290			document.iform.redir.disabled = 0;
291			} else {
292			document.iform.redir.disabled = 1;
293			}
294			}
295	572f4f09	Colin Fleming	//]]>
296	5b237745	Scott Ullrich	</script>
297			<form action="vpn_pptp.php" method="post" name="iform" id="iform">
298			<?php if ($input_errors) print_input_errors($input_errors); ?>
299			<?php if ($savemsg) print_info_box($savemsg); ?>
300	8cd558b6	ayvis	<?php print_info_box(gettext("PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.<br /><br /><a href=\"https://isc.sans.edu/diary/End+of+Days+for+MS-CHAPv2/13807\">Read More</a>")); ?>
301	572f4f09	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn pptp">
302	e2411886	Scott Ullrich	<tr><td class="tabnavtbl">
303	17982382	Scott Ullrich	<?php
304			$tab_array = array();
305	989d117b	Rafael Lucas	$tab_array[0] = array(gettext("Configuration"), true, "vpn_pptp.php");
306			$tab_array[1] = array(gettext("Users"), false, "vpn_pptp_users.php");
307	17982382	Scott Ullrich	display_top_tabs($tab_array);
308			?>
309	5b237745	Scott Ullrich	</td></tr>
310	e2411886	Scott Ullrich	<tr>
311	96f8c1e2	Bill Marquette	<td>
312			<div id="mainarea">
313	572f4f09	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
314	e2411886	Scott Ullrich	<tr>
315	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
316	e2411886	Scott Ullrich	<td width="78%" class="vtable">
317	5b237745	Scott Ullrich	<input name="mode" type="radio" onclick="enable_change(false)" value="off"
318	572f4f09	Colin Fleming	<?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked=\"checked\"";?> />
319	e222daeb	Carlos Eduardo Ramos	<?=gettext("Off"); ?></td>
320	572f4f09	Colin Fleming	</tr>
321	e2411886	Scott Ullrich	<tr>
322	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
323			<td width="78%" class="vtable">
324	70085c73	Carlos Eduardo Ramos
325	572f4f09	Colin Fleming	<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked=\"checked\"" ?> />
326	62f8bb60	Carlos Eduardo Ramos	<?=gettext("Redirect incoming PPTP connections to");?>:</td>
327	572f4f09	Colin Fleming	</tr>
328	9f6651a3	Carlos Eduardo Ramos	<tr>
329			<td width="22%" valign="top" class="vncellreq"><?=gettext("PPTP redirection");?></td>
330	e2411886	Scott Ullrich	<td width="78%" class="vtable">
331	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="redir" type="text" class="formfld unknown" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>" />
332	8cd558b6	ayvis	<br />
333	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address of a host which will accept incoming " .
334			"PPTP connections"); ?>.</td>
335	572f4f09	Colin Fleming	</tr>
336	e2411886	Scott Ullrich	<tr>
337	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
338			<td width="78%" class="vtable">
339	572f4f09	Colin Fleming	<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked=\"checked\""; ?> />
340	70085c73	Carlos Eduardo Ramos	<?=gettext("Enable PPTP server"); ?></td>
341	c8c416db	Scott Ullrich	</tr>
342	f2b4ff2b	sullrich	<tr>
343	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPTP users"); ?></td>
344	f2b4ff2b	sullrich	<td width="78%" class="vtable">
345			<select id="n_pptp_units" name="n_pptp_units">
346			<?php
347	1f6f0076	jim-p	$toselect = ($pconfig['n_pptp_units'] > 0) ? $pconfig['n_pptp_units'] : 16;
348			for($x=1; $x<255; $x++) {
349			if($x == $toselect)
350	572f4f09	Colin Fleming	$SELECTED = " selected=\"selected\"";
351	f2b4ff2b	sullrich	else
352			$SELECTED = "";
353			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
354			}
355			?>
356			</select>
357	8cd558b6	ayvis	<br /><?=gettext("Hint: 10 is ten PPTP clients"); ?>
358	f2b4ff2b	sullrich	</td>
359			</tr>
360	e2411886	Scott Ullrich	<tr>
361	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td>
362	e2411886	Scott Ullrich	<td width="78%" class="vtable">
363	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>" />
364	8cd558b6	ayvis	<br />
365	6d1ae23c	jim-p	<?=gettext("Enter the IP address the PPTP server should give to clients for use as their \"gateway\""); ?>.
366	8cd558b6	ayvis	<br />
367	6d1ae23c	jim-p	<?=gettext("Typically this is set to an unused IP just outside of the client range"); ?>.
368	8cd558b6	ayvis	<br />
369			<br />
370	973444a8	jim-p	<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall"); ?>.</td>
371	5b237745	Scott Ullrich	</tr>
372	e2411886	Scott Ullrich	<tr>
373	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address " .
374			"range"); ?></td>
375	e2411886	Scott Ullrich	<td width="78%" class="vtable">
376	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>" />
377	8cd558b6	ayvis	<br />
378			<?=gettext("Specify the starting address for the client IP subnet"); ?>.<br />
379	572f4f09	Colin Fleming	</td>
380	07cae4b2	Scott Ullrich	</tr>
381	c8c416db	Scott Ullrich	<tr>
382	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("PPTP DNS Servers"); ?></td>
383	c8c416db	Scott Ullrich	<td width="78%" class="vtable">
384	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="pptp_dns1" type="text" class="formfld unknown" id="pptp_dns1" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns1']);?>" />
385	8cd558b6	ayvis	<br />
386	572f4f09	Colin Fleming	<input name="pptp_dns2" type="text" class="formfld unknown" id="pptp_dns2" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns2']);?>" />
387	8cd558b6	ayvis	<br />
388			<?=gettext("primary and secondary DNS servers assigned to PPTP clients"); ?><br />
389	572f4f09	Colin Fleming	</td>
390	c8c416db	Scott Ullrich	</tr>
391			<tr>
392	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Server"); ?></td>
393			<td width="78%" valign="top" class="vtable">
394	572f4f09	Colin Fleming	<input name="wins" class="formfld unknown" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>" />
395	c8c416db	Scott Ullrich	</td>
396			</tr>
397	e2411886	Scott Ullrich	<tr>
398	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td>
399	e2411886	Scott Ullrich	<td width="78%" class="vtable">
400	572f4f09	Colin Fleming	<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked=\"checked\""; ?> />
401	8cd558b6	ayvis	<strong><?=gettext("Use a RADIUS server for authentication"); ?></strong><br />
402	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, all users will be authenticated using " .
403			"the RADIUS server specified below. The local user database " .
404	8cd558b6	ayvis	"will not be used"); ?>.<br />
405			<br />
406	572f4f09	Colin Fleming	<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked=\"checked\""; ?> />
407	8cd558b6	ayvis	<strong><?=gettext("Enable RADIUS accounting"); ?> <br />
408			</strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br />
409			<br />
410	572f4f09	Colin Fleming	<input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked=\"checked\""; ?> />
411	8cd558b6	ayvis	<strong><?=gettext("Secondary RADIUS server for failover authentication"); ?></strong><br />
412			<?=gettext("When set, all requests will go to the secondary server when primary fails"); ?><br />
413			<br />
414	572f4f09	Colin Fleming	<input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " checked=\"checked\""; ?> />
415	70085c73	Carlos Eduardo Ramos	<strong><?=gettext("RADIUS issued IPs"); ?></strong>
416	8cd558b6	ayvis	<br /><?=gettext("Issue IP addresses via RADIUS server"); ?>.
417	f9f160b1	Chris Buechler	</td>
418	c8c416db	Scott Ullrich	</tr>
419			<tr>
420	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS NAS IP"); ?></td>
421	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
422	572f4f09	Colin Fleming	<input name="radius_nasip" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>" />
423	c8c416db	Scott Ullrich	</td>
424	f9f160b1	Chris Buechler	</tr>
425	c8c416db	Scott Ullrich	<tr>
426	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Accounting Update"); ?></td>
427	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
428	572f4f09	Colin Fleming	<input name="radius_acct_update" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>" />
429	c8c416db	Scott Ullrich	</td>
430	f9f160b1	Chris Buechler	</tr>
431	e2411886	Scott Ullrich	<tr>
432	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Server"); ?> </td>
433	78cf56c6	Scott Ullrich	<td width="78%" class="vtable">
434	572f4f09	Colin Fleming	<input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>" />
435			<input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>" />
436			<input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>" />
437	8cd558b6	ayvis	<br />
438	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
439	5b237745	Scott Ullrich	</tr>
440	e2411886	Scott Ullrich	<tr>
441	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS shared secret"); ?></td>
442	78cf56c6	Scott Ullrich	<td width="78%" valign="top" class="vtable">
443	572f4f09	Colin Fleming	<input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>" />
444	8cd558b6	ayvis	<br />
445	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
446			"to the RADIUS server"); ?>.</td>
447	07cae4b2	Scott Ullrich	</tr>
448			<tr>
449	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS server"); ?> </td>
450	07cae4b2	Scott Ullrich	<td width="78%" class="vtable">
451	572f4f09	Colin Fleming	<input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>" />
452			<input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>" />
453			<input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>" />
454	8cd558b6	ayvis	<br />
455	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
456	07cae4b2	Scott Ullrich	</tr>
457			<tr>
458	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS shared secret"); ?></td>
459	07cae4b2	Scott Ullrich	<td width="78%" valign="top" class="vtable">
460	572f4f09	Colin Fleming	<input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>" />
461	8cd558b6	ayvis	<br />
462	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
463			"to the secondary RADIUS server"); ?>.</td>
464	07cae4b2	Scott Ullrich	</tr>
465	e2411886	Scott Ullrich	<tr>
466	5b237745	Scott Ullrich	<td height="16" colspan="2" valign="top"></td>
467			</tr>
468	e2411886	Scott Ullrich	<tr>
469	5b237745	Scott Ullrich	<td width="22%" valign="middle"> </td>
470	e2411886	Scott Ullrich	<td width="78%" class="vtable">
471	572f4f09	Colin Fleming	<input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked=\"checked\""; ?> />
472	8cd558b6	ayvis	<strong><?=gettext("Require 128-bit encryption"); ?></strong><br />
473	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, only 128-bit encryption will be accepted. Otherwise " .
474			"40-bit and 56-bit encryption will be accepted as well. Note that " .
475			"encryption will always be forced on PPTP connections (i.e. " .
476			"unencrypted connections will not be accepted)"); ?>.</td>
477	5b237745	Scott Ullrich	</tr>
478	e2411886	Scott Ullrich	<tr>
479	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
480	e2411886	Scott Ullrich	<td width="78%">
481	572f4f09	Colin Fleming	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)" />
482	5b237745	Scott Ullrich	</td>
483			</tr>
484	e2411886	Scott Ullrich	<tr>
485			<td width="22%" valign="top"> </td>
486	8cd558b6	ayvis	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note");?>:<br />
487	62f8bb60	Carlos Eduardo Ramos	</strong></span><?=gettext("don't forget to ");?><a href="firewall_rules.php?if=pptp"><?=gettext("add a firewall rule"); ?></a> <?=gettext("to permit ".
488			"traffic from PPTP clients");?>!</span></td>
489	70085c73	Carlos Eduardo Ramos	</tr>
490	5b237745	Scott Ullrich	</table>
491	96f8c1e2	Bill Marquette	</div>
492	e2411886	Scott Ullrich	</td>
493	5b237745	Scott Ullrich	</tr>
494			</table>
495			</form>
496	91f026b0	ayvis	<script type="text/javascript">
497	572f4f09	Colin Fleming	//<![CDATA[
498	5b237745	Scott Ullrich	enable_change(false);
499	572f4f09	Colin Fleming	//]]>
500	5b237745	Scott Ullrich	</script>
501			<?php include("fend.inc"); ?>
502	9999b3aa	Scott Ullrich	</body>
503			</html>

Project

General

Profile

pfSense