/usr/local/www/vpn_pptp.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_pptp.php @ 5b42a459

1	5b237745	Scott Ullrich	<?php
2			/*
3			vpn_pptp.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	e2411886	Scott Ullrich
6			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
7	5b237745	Scott Ullrich	All rights reserved.
8	e2411886	Scott Ullrich
9	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
10			modification, are permitted provided that the following conditions are met:
11	e2411886	Scott Ullrich
12	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
13			this list of conditions and the following disclaimer.
14	e2411886	Scott Ullrich
15	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
16			notice, this list of conditions and the following disclaimer in the
17			documentation and/or other materials provided with the distribution.
18	e2411886	Scott Ullrich
19	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28			POSSIBILITY OF SUCH DAMAGE.
29			*/
30
31	6b07c15a	Matthew Grooms	##\|+PRIV
32			##\|*IDENT=page-vpn-vpnpptp
33			##\|*NAME=VPN: VPN PPTP page
34			##\|*DESCR=Allow access to the 'VPN: VPN PPTP' page.
35			##\|MATCH=vpn_pptp.php
36			##\|-PRIV
37
38	5b237745	Scott Ullrich	require("guiconfig.inc");
39	7a927e67	Scott Ullrich	require_once("functions.inc");
40			require_once("filter.inc");
41			require_once("shaper.inc");
42	483e6de8	Scott Ullrich	require_once("vpn.inc");
43	5b237745	Scott Ullrich
44			if (!is_array($config['pptpd']['radius'])) {
45			$config['pptpd']['radius'] = array();
46			}
47			$pptpcfg = &$config['pptpd'];
48
49			$pconfig['remoteip'] = $pptpcfg['remoteip'];
50			$pconfig['localip'] = $pptpcfg['localip'];
51			$pconfig['redir'] = $pptpcfg['redir'];
52			$pconfig['mode'] = $pptpcfg['mode'];
53	10d470b9	Scott Ullrich	$pconfig['wins'] = $pptpcfg['wins'];
54	5b237745	Scott Ullrich	$pconfig['req128'] = isset($pptpcfg['req128']);
55	07cae4b2	Scott Ullrich	$pconfig['n_pptp_units'] = $pptpcfg['n_pptp_units'];
56	c8c416db	Scott Ullrich	$pconfig['pptp_dns1'] = $pptpcfg['dns1'];
57			$pconfig['pptp_dns2'] = $pptpcfg['dns2'];
58	71569a7e	jim-p	$pconfig['radiusenable'] = isset($pptpcfg['radius']['server']['enable']);
59	c8c416db	Scott Ullrich	$pconfig['radiusissueips'] = isset($pptpcfg['radius']['radiusissueips']);
60			$pconfig['radiussecenable'] = isset($pptpcfg['radius']['server2']['enable']);
61			$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
62			$pconfig['radiusserver'] = $pptpcfg['radius']['server']['ip'];
63			$pconfig['radiusserverport'] = $pptpcfg['radius']['server']['port'];
64			$pconfig['radiusserveracctport'] = $pptpcfg['radius']['server']['acctport'];
65			$pconfig['radiussecret'] = $pptpcfg['radius']['server']['secret'];
66			$pconfig['radiusserver2'] = $pptpcfg['radius']['server2']['ip'];
67			$pconfig['radiusserver2port'] = $pptpcfg['radius']['server2']['port'];
68			$pconfig['radiusserver2acctport'] = $pptpcfg['radius']['server2']['acctport'];
69			$pconfig['radiussecret2'] = $pptpcfg['radius']['server2']['secret2'];
70			$pconfig['radius_acct_update'] = $pptpcfg['radius']['acct_update'];
71			$pconfig['radius_nasip'] = $pptpcfg['radius']['nasip'];
72	5b237745	Scott Ullrich
73			if ($_POST) {
74
75	7eaf04fd	Erik Fonnesbeck	if (isset($input_errors))
76			unset($input_errors);
77	5b237745	Scott Ullrich	$pconfig = $_POST;
78
79			/* input validation */
80			if ($_POST['mode'] == "server") {
81			$reqdfields = explode(" ", "localip remoteip");
82	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("Server address"),gettext("Remote start address"));
83	e2411886	Scott Ullrich
84	5b237745	Scott Ullrich	if ($_POST['radiusenable']) {
85			$reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
86	e2411886	Scott Ullrich	$reqdfieldsn = array_merge($reqdfieldsn,
87	989d117b	Rafael Lucas	array(gettext("RADIUS server address"),gettext("RADIUS shared secret")));
88	5b237745	Scott Ullrich	}
89	e2411886	Scott Ullrich
90	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
91	e2411886	Scott Ullrich
92	5b237745	Scott Ullrich	if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
93	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid server address must be specified.");
94	5b237745	Scott Ullrich	}
95	2f31946f	jim-p	if (!is_ipaddr($_POST['remoteip'])) {
96	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid remote start address must be specified.");
97	5b237745	Scott Ullrich	}
98			if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
99	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid RADIUS server address must be specified.");
100	5b237745	Scott Ullrich	}
101	e2411886	Scott Ullrich
102			if (!$input_errors) {
103	96033063	Erik Fonnesbeck	$subnet_start = ip2ulong($_POST['remoteip']);
104			$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1;
105	e2411886	Scott Ullrich
106	96033063	Erik Fonnesbeck	if ((ip2ulong($_POST['localip']) >= $subnet_start) &&
107			(ip2ulong($_POST['localip']) <= $subnet_end)) {
108	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address lies in the remote subnet.");
109	5b237745	Scott Ullrich	}
110	2f31946f	jim-p	// TODO: Should this check be for any local IP address?
111	045c9cc9	sullrich	if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
112	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
113	5b237745	Scott Ullrich	}
114			}
115			} else if ($_POST['mode'] == "redir") {
116			$reqdfields = explode(" ", "redir");
117	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("PPTP redirection target address"));
118	e2411886	Scott Ullrich
119	5b237745	Scott Ullrich	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
120	e2411886	Scott Ullrich
121	5b237745	Scott Ullrich	if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
122	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid target address must be specified.");
123	5b237745	Scott Ullrich	}
124	7eaf04fd	Erik Fonnesbeck	} else if (isset($config['pptpd']['mode'])) {
125	963d012d	Scott Ullrich	unset($config['pptpd']['mode']);
126	5b237745	Scott Ullrich	}
127
128			if (!$input_errors) {
129			$pptpcfg['remoteip'] = $_POST['remoteip'];
130			$pptpcfg['redir'] = $_POST['redir'];
131	c8c416db	Scott Ullrich	$pptpcfg['localip'] = $_POST['localip'];
132	5b237745	Scott Ullrich	$pptpcfg['mode'] = $_POST['mode'];
133	10d470b9	Scott Ullrich	$pptpcfg['wins'] = $_POST['wins'];
134	07cae4b2	Scott Ullrich	$pptpcfg['n_pptp_units'] = $_POST['n_pptp_units'];
135	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['ip'] = $_POST['radiusserver'];
136			$pptpcfg['radius']['server']['port'] = $_POST['radiusserverport'];
137			$pptpcfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
138			$pptpcfg['radius']['server']['secret'] = $_POST['radiussecret'];
139			$pptpcfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
140			$pptpcfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
141			$pptpcfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
142			$pptpcfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
143			$pptpcfg['radius']['nasip'] = $_POST['radius_nasip'];
144			$pptpcfg['radius']['acct_update'] = $_POST['radius_acct_update'];
145
146	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns1'] == "") {
147			if (isset($pptpcfg['dns1']))
148			unset($pptpcfg['dns1']);
149			} else
150	c8c416db	Scott Ullrich	$pptpcfg['dns1'] = $_POST['pptp_dns1'];
151
152	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns2'] == "") {
153			if (isset($pptpcfg['dns2']))
154			unset($pptpcfg['dns2']);
155			} else
156	c8c416db	Scott Ullrich	$pptpcfg['dns2'] = $_POST['pptp_dns2'];
157	33eaec88	Scott Ullrich
158			if($_POST['req128'] == "yes")
159			$pptpcfg['req128'] = true;
160	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['req128']))
161	33eaec88	Scott Ullrich	unset($pptpcfg['req128']);
162
163			if($_POST['radiusenable'] == "yes")
164	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['enable'] = true;
165	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server']['enable']))
166	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server']['enable']);
167	e2411886	Scott Ullrich
168	07cae4b2	Scott Ullrich	if($_POST['radiussecenable'] == "yes")
169	c07b2675	jim-p	$pptpcfg['radius']['server2']['enable'] = true;
170	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server2']['enable']))
171	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server2']['enable']);
172	07cae4b2	Scott Ullrich
173	33eaec88	Scott Ullrich	if($_POST['radacct_enable'] == "yes")
174			$pptpcfg['radius']['accounting'] = true;
175	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['accounting']))
176	33eaec88	Scott Ullrich	unset($pptpcfg['radius']['accounting']);
177
178	07cae4b2	Scott Ullrich	if($_POST['radiusissueips'] == "yes") {
179			$pptpcfg['radius']['radiusissueips'] = true;
180	7eaf04fd	Erik Fonnesbeck	} else if (isset($pptpcfg['radius']['radiusissueips']))
181	07cae4b2	Scott Ullrich	unset($pptpcfg['radius']['radiusissueips']);
182
183	5b237745	Scott Ullrich	write_config();
184	e2411886	Scott Ullrich
185	5b237745	Scott Ullrich	$retval = 0;
186	72bd8df5	Ermal Lu?i	$retval = vpn_pptpd_configure();
187	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
188	34947a64	Scott Ullrich
189			filter_configure();
190	5b237745	Scott Ullrich	}
191			}
192	4df96eff	Scott Ullrich
193	989d117b	Rafael Lucas	$pgtitle = array(gettext("VPN"),gettext("VPN PPTP"));
194	b32dd0a6	jim-p	$shortcut_section = "pptps";
195	4df96eff	Scott Ullrich	include("head.inc");
196
197	5b237745	Scott Ullrich	?>
198	422f27c0	Scott Ullrich
199			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
200	e2411886	Scott Ullrich	<?php include("fbegin.inc"); ?>
201	5b237745	Scott Ullrich	<script language="JavaScript">
202			<!--
203			function get_radio_value(obj)
204			{
205			for (i = 0; i < obj.length; i++) {
206			if (obj[i].checked)
207			return obj[i].value;
208			}
209			return null;
210			}
211
212			function enable_change(enable_over) {
213			if ((get_radio_value(document.iform.mode) == "server") \|\| enable_over) {
214			document.iform.remoteip.disabled = 0;
215			document.iform.localip.disabled = 0;
216			document.iform.req128.disabled = 0;
217			document.iform.radiusenable.disabled = 0;
218	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 0;
219	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 0;
220	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 0;
221	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 0;
222			document.iform.pptp_dns2.disabled = 0;
223	e2411886	Scott Ullrich
224	5b237745	Scott Ullrich	if (document.iform.radiusenable.checked \|\| enable_over) {
225	07cae4b2	Scott Ullrich	document.iform.radiussecenable.disabled = 0;
226	5b237745	Scott Ullrich	document.iform.radacct_enable.disabled = 0;
227			document.iform.radiusserver.disabled = 0;
228	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 0;
229			document.iform.radiusserveracctport.disabled = 0;
230	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 0;
231	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 0;
232			document.iform.radius_acct_update.disabled = 0;
233			document.iform.radiusissueips.disabled = 0;
234	c8c416db	Scott Ullrich	if (document.iform.radiussecenable.checked \|\| enable_over) {
235			document.iform.radiusserver2.disabled = 0;
236			document.iform.radiussecret2.disabled = 0;
237			document.iform.radiusserver2port.disabled = 0;
238			document.iform.radiusserver2acctport.disabled = 0;
239			} else {
240
241			document.iform.radiusserver2.disabled = 1;
242			document.iform.radiussecret2.disabled = 1;
243			document.iform.radiusserver2port.disabled = 1;
244			document.iform.radiusserver2acctport.disabled = 1;
245			}
246	5b237745	Scott Ullrich	} else {
247			document.iform.radacct_enable.disabled = 1;
248			document.iform.radiusserver.disabled = 1;
249	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
250	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
251	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
252	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
253	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
254			document.iform.radius_acct_update.disabled = 1;
255			document.iform.radiusissueips.disabled = 1;
256	114a9292	jim-p	document.iform.radiusserver2.disabled = 1;
257			document.iform.radiussecret2.disabled = 1;
258			document.iform.radiusserver2port.disabled = 1;
259			document.iform.radiusserver2acctport.disabled = 1;
260	07cae4b2	Scott Ullrich	}
261
262	5b237745	Scott Ullrich	} else {
263			document.iform.remoteip.disabled = 1;
264			document.iform.localip.disabled = 1;
265			document.iform.req128.disabled = 1;
266	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 1;
267	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 1;
268			document.iform.pptp_dns2.disabled = 1;
269	5b237745	Scott Ullrich	document.iform.radiusenable.disabled = 1;
270			document.iform.radacct_enable.disabled = 1;
271			document.iform.radiusserver.disabled = 1;
272	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
273	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
274	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
275	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
276	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
277			document.iform.radius_acct_update.disabled = 1;
278			document.iform.radiussecenable.disabled = 1;
279			document.iform.radiusserver2.disabled = 1;
280	c8c416db	Scott Ullrich	document.iform.radiusserver2port.disabled = 1;
281			document.iform.radiusserver2acctport.disabled = 1;
282	07cae4b2	Scott Ullrich	document.iform.radiussecret2.disabled = 1;
283	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 1;
284	07cae4b2	Scott Ullrich	document.iform.radiusissueips.disabled = 1;
285	5b237745	Scott Ullrich	}
286			if ((get_radio_value(document.iform.mode) == "redir") \|\| enable_over) {
287			document.iform.redir.disabled = 0;
288			} else {
289			document.iform.redir.disabled = 1;
290			}
291			}
292			//-->
293			</script>
294			<form action="vpn_pptp.php" method="post" name="iform" id="iform">
295			<?php if ($input_errors) print_input_errors($input_errors); ?>
296			<?php if ($savemsg) print_info_box($savemsg); ?>
297	ed6df99c	jim-p	<?php print_info_box(gettext("PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.<br/><br/><a href=\"https://isc.sans.edu/diary/End+of+Days+for+MS-CHAPv2/13807\">Read More</a>")); ?>
298	5b237745	Scott Ullrich	<table width="100%" border="0" cellpadding="0" cellspacing="0">
299	e2411886	Scott Ullrich	<tr><td class="tabnavtbl">
300	17982382	Scott Ullrich	<?php
301			$tab_array = array();
302	989d117b	Rafael Lucas	$tab_array[0] = array(gettext("Configuration"), true, "vpn_pptp.php");
303			$tab_array[1] = array(gettext("Users"), false, "vpn_pptp_users.php");
304	17982382	Scott Ullrich	display_top_tabs($tab_array);
305			?>
306	5b237745	Scott Ullrich	</td></tr>
307	e2411886	Scott Ullrich	<tr>
308	96f8c1e2	Bill Marquette	<td>
309			<div id="mainarea">
310			<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
311	e2411886	Scott Ullrich	<tr>
312	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
313	e2411886	Scott Ullrich	<td width="78%" class="vtable">
314	5b237745	Scott Ullrich	<input name="mode" type="radio" onclick="enable_change(false)" value="off"
315	70085c73	Carlos Eduardo Ramos	<?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked";?>>
316	e222daeb	Carlos Eduardo Ramos	<?=gettext("Off"); ?></td>
317	e2411886	Scott Ullrich	<tr>
318	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
319			<td width="78%" class="vtable">
320	70085c73	Carlos Eduardo Ramos
321			<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked" ?>>
322	62f8bb60	Carlos Eduardo Ramos	<?=gettext("Redirect incoming PPTP connections to");?>:</td>
323	9f6651a3	Carlos Eduardo Ramos	<tr>
324			<td width="22%" valign="top" class="vncellreq"><?=gettext("PPTP redirection");?></td>
325	e2411886	Scott Ullrich	<td width="78%" class="vtable">
326	b5c78501	Seth Mos	<?=$mandfldhtml;?><input name="redir" type="text" class="formfld unknown" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>">
327	5b237745	Scott Ullrich	<br>
328	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address of a host which will accept incoming " .
329			"PPTP connections"); ?>.</td>
330	e2411886	Scott Ullrich	<tr>
331	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
332			<td width="78%" class="vtable">
333	70085c73	Carlos Eduardo Ramos	<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked"; ?>>
334			<?=gettext("Enable PPTP server"); ?></td>
335	c8c416db	Scott Ullrich	</tr>
336	f2b4ff2b	sullrich	<tr>
337	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPTP users"); ?></td>
338	f2b4ff2b	sullrich	<td width="78%" class="vtable">
339			<select id="n_pptp_units" name="n_pptp_units">
340			<?php
341	1f6f0076	jim-p	$toselect = ($pconfig['n_pptp_units'] > 0) ? $pconfig['n_pptp_units'] : 16;
342			for($x=1; $x<255; $x++) {
343			if($x == $toselect)
344	f2b4ff2b	sullrich	$SELECTED = " SELECTED";
345			else
346			$SELECTED = "";
347			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
348			}
349			?>
350			</select>
351	084e77e7	Chris Buechler	<br><?=gettext("Hint: 10 is ten PPTP clients"); ?>
352	f2b4ff2b	sullrich	</td>
353			</tr>
354	e2411886	Scott Ullrich	<tr>
355	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td>
356	e2411886	Scott Ullrich	<td width="78%" class="vtable">
357	b5c78501	Seth Mos	<?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>">
358	6d1ae23c	jim-p	<br/>
359			<?=gettext("Enter the IP address the PPTP server should give to clients for use as their \"gateway\""); ?>.
360			<br/>
361			<?=gettext("Typically this is set to an unused IP just outside of the client range"); ?>.
362			<br/>
363			<br/>
364	973444a8	jim-p	<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall"); ?>.</td>
365	5b237745	Scott Ullrich	</tr>
366	e2411886	Scott Ullrich	<tr>
367	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address " .
368			"range"); ?></td>
369	e2411886	Scott Ullrich	<td width="78%" class="vtable">
370	b5c78501	Seth Mos	<?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>">
371	5b237745	Scott Ullrich	<br>
372	70085c73	Carlos Eduardo Ramos	<?=gettext("Specify the starting address for the client IP subnet"); ?>.<br>
373	07cae4b2	Scott Ullrich	</tr>
374	c8c416db	Scott Ullrich	<tr>
375	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("PPTP DNS Servers"); ?></td>
376	c8c416db	Scott Ullrich	<td width="78%" class="vtable">
377	b5c78501	Seth Mos	<?=$mandfldhtml;?><input name="pptp_dns1" type="text" class="formfld unknown" id="pptp_dns1" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns1']);?>">
378	c8c416db	Scott Ullrich	<br>
379	045c9cc9	sullrich	<input name="pptp_dns2" type="text" class="formfld unknown" id="pptp_dns2" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns2']);?>">
380	c8c416db	Scott Ullrich	<br>
381	70085c73	Carlos Eduardo Ramos	<?=gettext("primary and secondary DNS servers assigned to PPTP clients"); ?><br>
382	c8c416db	Scott Ullrich	</tr>
383			<tr>
384	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Server"); ?></td>
385			<td width="78%" valign="top" class="vtable">
386	b5c78501	Seth Mos	<input name="wins" class="formfld unknown" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>">
387	c8c416db	Scott Ullrich	</td>
388			</tr>
389	e2411886	Scott Ullrich	<tr>
390	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td>
391	e2411886	Scott Ullrich	<td width="78%" class="vtable">
392			<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked"; ?>>
393	70085c73	Carlos Eduardo Ramos	<strong><?=gettext("Use a RADIUS server for authentication"); ?></strong><br>
394			<?=gettext("When set, all users will be authenticated using " .
395			"the RADIUS server specified below. The local user database " .
396			"will not be used"); ?>.<br>
397	5b237745	Scott Ullrich	<br>
398	70085c73	Carlos Eduardo Ramos	<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked"; ?>>
399			<strong><?=gettext("Enable RADIUS accounting"); ?> <br>
400			</strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br>
401	c8c416db	Scott Ullrich	<br>
402	70085c73	Carlos Eduardo Ramos	<input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked"; ?>>
403			<strong><?=gettext("Secondary RADIUS server for failover authentication"); ?></strong><br>
404			<?=gettext("When set, all requests will go to the secondary server when primary fails"); ?><br>
405	f9f160b1	Chris Buechler	<br>
406			<input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " CHECKED"; ?>>
407	70085c73	Carlos Eduardo Ramos	<strong><?=gettext("RADIUS issued IPs"); ?></strong>
408			<br><?=gettext("Issue IP addresses via RADIUS server"); ?>.
409	f9f160b1	Chris Buechler	</td>
410			</td>
411	c8c416db	Scott Ullrich	</tr>
412			<tr>
413	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS NAS IP"); ?></td>
414	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
415	b5c78501	Seth Mos	<input name="radius_nasip" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>">
416	c8c416db	Scott Ullrich	</td>
417	f9f160b1	Chris Buechler	</tr>
418	c8c416db	Scott Ullrich	<tr>
419	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Accounting Update"); ?></td>
420	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
421	b5c78501	Seth Mos	<input name="radius_acct_update" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>">
422	c8c416db	Scott Ullrich	</td>
423	f9f160b1	Chris Buechler	</tr>
424	e2411886	Scott Ullrich	<tr>
425	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Server"); ?> </td>
426	78cf56c6	Scott Ullrich	<td width="78%" class="vtable">
427	b5c78501	Seth Mos	<input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>">
428			<input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>">
429			<input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>">
430	5b237745	Scott Ullrich	<br>
431	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
432	5b237745	Scott Ullrich	</tr>
433	e2411886	Scott Ullrich	<tr>
434	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS shared secret"); ?></td>
435	78cf56c6	Scott Ullrich	<td width="78%" valign="top" class="vtable">
436	b5c78501	Seth Mos	<input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>">
437	5b237745	Scott Ullrich	<br>
438	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
439			"to the RADIUS server"); ?>.</td>
440	07cae4b2	Scott Ullrich	</tr>
441			<tr>
442	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS server"); ?> </td>
443	07cae4b2	Scott Ullrich	<td width="78%" class="vtable">
444	b5c78501	Seth Mos	<input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>">
445			<input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>">
446			<input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>">
447	07cae4b2	Scott Ullrich	<br>
448	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
449	07cae4b2	Scott Ullrich	</tr>
450			<tr>
451	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS shared secret"); ?></td>
452	07cae4b2	Scott Ullrich	<td width="78%" valign="top" class="vtable">
453	b5c78501	Seth Mos	<input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>">
454	07cae4b2	Scott Ullrich	<br>
455	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
456			"to the secondary RADIUS server"); ?>.</td>
457	07cae4b2	Scott Ullrich	</tr>
458	e2411886	Scott Ullrich	<tr>
459	5b237745	Scott Ullrich	<td height="16" colspan="2" valign="top"></td>
460			</tr>
461	e2411886	Scott Ullrich	<tr>
462	5b237745	Scott Ullrich	<td width="22%" valign="middle"> </td>
463	e2411886	Scott Ullrich	<td width="78%" class="vtable">
464	70085c73	Carlos Eduardo Ramos	<input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked"; ?>>
465			<strong><?=gettext("Require 128-bit encryption"); ?></strong><br>
466			<?=gettext("When set, only 128-bit encryption will be accepted. Otherwise " .
467			"40-bit and 56-bit encryption will be accepted as well. Note that " .
468			"encryption will always be forced on PPTP connections (i.e. " .
469			"unencrypted connections will not be accepted)"); ?>.</td>
470	5b237745	Scott Ullrich	</tr>
471	e2411886	Scott Ullrich	<tr>
472	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
473	e2411886	Scott Ullrich	<td width="78%">
474	70085c73	Carlos Eduardo Ramos	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)">
475	5b237745	Scott Ullrich	</td>
476			</tr>
477	e2411886	Scott Ullrich	<tr>
478			<td width="22%" valign="top"> </td>
479	70085c73	Carlos Eduardo Ramos	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note");?>:<br>
480	62f8bb60	Carlos Eduardo Ramos	</strong></span><?=gettext("don't forget to ");?><a href="firewall_rules.php?if=pptp"><?=gettext("add a firewall rule"); ?></a> <?=gettext("to permit ".
481			"traffic from PPTP clients");?>!</span></td>
482	70085c73	Carlos Eduardo Ramos	</tr>
483	5b237745	Scott Ullrich	</table>
484	96f8c1e2	Bill Marquette	</div>
485	e2411886	Scott Ullrich	</td>
486	5b237745	Scott Ullrich	</tr>
487			</table>
488			</form>
489			<script language="JavaScript">
490			<!--
491			enable_change(false);
492			//-->
493			</script>
494			<?php include("fend.inc"); ?>
495	9999b3aa	Scott Ullrich	</body>
496			</html>

Project

General

Profile

pfSense