/usr/local/www/vpn_pptp.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/vpn_pptp.php @ 5f601060

1	5b237745	Scott Ullrich	<?php
2			/*
3			vpn_pptp.php
4			part of m0n0wall (http://m0n0.ch/wall)
5	e2411886	Scott Ullrich
6			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
7	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8	5b237745	Scott Ullrich	All rights reserved.
9	e2411886	Scott Ullrich
10	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12	e2411886	Scott Ullrich
13	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15	e2411886	Scott Ullrich
16	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19	e2411886	Scott Ullrich
20	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	6b07c15a	Matthew Grooms	##\|+PRIV
33			##\|*IDENT=page-vpn-vpnpptp
34			##\|*NAME=VPN: VPN PPTP page
35			##\|*DESCR=Allow access to the 'VPN: VPN PPTP' page.
36			##\|MATCH=vpn_pptp.php
37			##\|-PRIV
38
39	5b237745	Scott Ullrich	require("guiconfig.inc");
40	7a927e67	Scott Ullrich	require_once("functions.inc");
41			require_once("filter.inc");
42			require_once("shaper.inc");
43	483e6de8	Scott Ullrich	require_once("vpn.inc");
44	5b237745	Scott Ullrich
45			if (!is_array($config['pptpd']['radius'])) {
46			$config['pptpd']['radius'] = array();
47			}
48			$pptpcfg = &$config['pptpd'];
49
50			$pconfig['remoteip'] = $pptpcfg['remoteip'];
51			$pconfig['localip'] = $pptpcfg['localip'];
52			$pconfig['redir'] = $pptpcfg['redir'];
53			$pconfig['mode'] = $pptpcfg['mode'];
54	10d470b9	Scott Ullrich	$pconfig['wins'] = $pptpcfg['wins'];
55	5b237745	Scott Ullrich	$pconfig['req128'] = isset($pptpcfg['req128']);
56	07cae4b2	Scott Ullrich	$pconfig['n_pptp_units'] = $pptpcfg['n_pptp_units'];
57	c8c416db	Scott Ullrich	$pconfig['pptp_dns1'] = $pptpcfg['dns1'];
58			$pconfig['pptp_dns2'] = $pptpcfg['dns2'];
59	71569a7e	jim-p	$pconfig['radiusenable'] = isset($pptpcfg['radius']['server']['enable']);
60	c8c416db	Scott Ullrich	$pconfig['radiusissueips'] = isset($pptpcfg['radius']['radiusissueips']);
61			$pconfig['radiussecenable'] = isset($pptpcfg['radius']['server2']['enable']);
62			$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
63			$pconfig['radiusserver'] = $pptpcfg['radius']['server']['ip'];
64			$pconfig['radiusserverport'] = $pptpcfg['radius']['server']['port'];
65			$pconfig['radiusserveracctport'] = $pptpcfg['radius']['server']['acctport'];
66			$pconfig['radiussecret'] = $pptpcfg['radius']['server']['secret'];
67			$pconfig['radiusserver2'] = $pptpcfg['radius']['server2']['ip'];
68			$pconfig['radiusserver2port'] = $pptpcfg['radius']['server2']['port'];
69			$pconfig['radiusserver2acctport'] = $pptpcfg['radius']['server2']['acctport'];
70			$pconfig['radiussecret2'] = $pptpcfg['radius']['server2']['secret2'];
71			$pconfig['radius_acct_update'] = $pptpcfg['radius']['acct_update'];
72			$pconfig['radius_nasip'] = $pptpcfg['radius']['nasip'];
73	5b237745	Scott Ullrich
74			if ($_POST) {
75
76	7eaf04fd	Erik Fonnesbeck	if (isset($input_errors))
77			unset($input_errors);
78	5b237745	Scott Ullrich	$pconfig = $_POST;
79
80			/* input validation */
81			if ($_POST['mode'] == "server") {
82			$reqdfields = explode(" ", "localip remoteip");
83	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("Server address"),gettext("Remote start address"));
84	e2411886	Scott Ullrich
85	5b237745	Scott Ullrich	if ($_POST['radiusenable']) {
86			$reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
87	e2411886	Scott Ullrich	$reqdfieldsn = array_merge($reqdfieldsn,
88	989d117b	Rafael Lucas	array(gettext("RADIUS server address"),gettext("RADIUS shared secret")));
89	5b237745	Scott Ullrich	}
90	e2411886	Scott Ullrich
91	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
92	e2411886	Scott Ullrich
93	5b237745	Scott Ullrich	if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
94	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid server address must be specified.");
95	5b237745	Scott Ullrich	}
96	0a0b17d9	Renato Botelho	if (is_ipaddr_configured($_POST['localip'])) {
97			$input_errors[] = gettext("'Server address' parameter should NOT be set to any IP address currently in use on this firewall.");
98			}
99	2f31946f	jim-p	if (!is_ipaddr($_POST['remoteip'])) {
100	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid remote start address must be specified.");
101	5b237745	Scott Ullrich	}
102			if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
103	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid RADIUS server address must be specified.");
104	5b237745	Scott Ullrich	}
105	e2411886	Scott Ullrich
106			if (!$input_errors) {
107	96033063	Erik Fonnesbeck	$subnet_start = ip2ulong($_POST['remoteip']);
108			$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1;
109	e2411886	Scott Ullrich
110	96033063	Erik Fonnesbeck	if ((ip2ulong($_POST['localip']) >= $subnet_start) &&
111			(ip2ulong($_POST['localip']) <= $subnet_end)) {
112	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address lies in the remote subnet.");
113	5b237745	Scott Ullrich	}
114	2f31946f	jim-p	// TODO: Should this check be for any local IP address?
115	045c9cc9	sullrich	if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
116	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
117	5b237745	Scott Ullrich	}
118			}
119			} else if ($_POST['mode'] == "redir") {
120			$reqdfields = explode(" ", "redir");
121	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("PPTP redirection target address"));
122	e2411886	Scott Ullrich
123	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
124	e2411886	Scott Ullrich
125	5b237745	Scott Ullrich	if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
126	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid target address must be specified.");
127	5b237745	Scott Ullrich	}
128	7eaf04fd	Erik Fonnesbeck	} else if (isset($config['pptpd']['mode'])) {
129	963d012d	Scott Ullrich	unset($config['pptpd']['mode']);
130	5b237745	Scott Ullrich	}
131
132			if (!$input_errors) {
133			$pptpcfg['remoteip'] = $_POST['remoteip'];
134			$pptpcfg['redir'] = $_POST['redir'];
135	c8c416db	Scott Ullrich	$pptpcfg['localip'] = $_POST['localip'];
136	5b237745	Scott Ullrich	$pptpcfg['mode'] = $_POST['mode'];
137	10d470b9	Scott Ullrich	$pptpcfg['wins'] = $_POST['wins'];
138	07cae4b2	Scott Ullrich	$pptpcfg['n_pptp_units'] = $_POST['n_pptp_units'];
139	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['ip'] = $_POST['radiusserver'];
140			$pptpcfg['radius']['server']['port'] = $_POST['radiusserverport'];
141			$pptpcfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
142			$pptpcfg['radius']['server']['secret'] = $_POST['radiussecret'];
143			$pptpcfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
144			$pptpcfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
145			$pptpcfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
146			$pptpcfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
147			$pptpcfg['radius']['nasip'] = $_POST['radius_nasip'];
148			$pptpcfg['radius']['acct_update'] = $_POST['radius_acct_update'];
149
150	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns1'] == "") {
151			if (isset($pptpcfg['dns1']))
152			unset($pptpcfg['dns1']);
153			} else
154	c8c416db	Scott Ullrich	$pptpcfg['dns1'] = $_POST['pptp_dns1'];
155
156	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns2'] == "") {
157			if (isset($pptpcfg['dns2']))
158			unset($pptpcfg['dns2']);
159			} else
160	c8c416db	Scott Ullrich	$pptpcfg['dns2'] = $_POST['pptp_dns2'];
161	33eaec88	Scott Ullrich
162			if($_POST['req128'] == "yes")
163			$pptpcfg['req128'] = true;
164	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['req128']))
165	33eaec88	Scott Ullrich	unset($pptpcfg['req128']);
166
167			if($_POST['radiusenable'] == "yes")
168	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['enable'] = true;
169	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server']['enable']))
170	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server']['enable']);
171	e2411886	Scott Ullrich
172	07cae4b2	Scott Ullrich	if($_POST['radiussecenable'] == "yes")
173	c07b2675	jim-p	$pptpcfg['radius']['server2']['enable'] = true;
174	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server2']['enable']))
175	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server2']['enable']);
176	07cae4b2	Scott Ullrich
177	33eaec88	Scott Ullrich	if($_POST['radacct_enable'] == "yes")
178			$pptpcfg['radius']['accounting'] = true;
179	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['accounting']))
180	33eaec88	Scott Ullrich	unset($pptpcfg['radius']['accounting']);
181
182	07cae4b2	Scott Ullrich	if($_POST['radiusissueips'] == "yes") {
183			$pptpcfg['radius']['radiusissueips'] = true;
184	7eaf04fd	Erik Fonnesbeck	} else if (isset($pptpcfg['radius']['radiusissueips']))
185	07cae4b2	Scott Ullrich	unset($pptpcfg['radius']['radiusissueips']);
186
187	5b237745	Scott Ullrich	write_config();
188	e2411886	Scott Ullrich
189	5b237745	Scott Ullrich	$retval = 0;
190	72bd8df5	Ermal Lu?i	$retval = vpn_pptpd_configure();
191	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
192	34947a64	Scott Ullrich
193			filter_configure();
194	5b237745	Scott Ullrich	}
195			}
196	4df96eff	Scott Ullrich
197	989d117b	Rafael Lucas	$pgtitle = array(gettext("VPN"),gettext("VPN PPTP"));
198	b32dd0a6	jim-p	$shortcut_section = "pptps";
199	4df96eff	Scott Ullrich	include("head.inc");
200
201	5b237745	Scott Ullrich	?>
202	422f27c0	Scott Ullrich
203			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
204	e2411886	Scott Ullrich	<?php include("fbegin.inc"); ?>
205	91f026b0	ayvis	<script type="text/javascript">
206	572f4f09	Colin Fleming	//<![CDATA[
207	5b237745	Scott Ullrich	function get_radio_value(obj)
208			{
209			for (i = 0; i < obj.length; i++) {
210			if (obj[i].checked)
211			return obj[i].value;
212			}
213			return null;
214			}
215
216			function enable_change(enable_over) {
217			if ((get_radio_value(document.iform.mode) == "server") \|\| enable_over) {
218			document.iform.remoteip.disabled = 0;
219			document.iform.localip.disabled = 0;
220			document.iform.req128.disabled = 0;
221			document.iform.radiusenable.disabled = 0;
222	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 0;
223	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 0;
224	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 0;
225	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 0;
226			document.iform.pptp_dns2.disabled = 0;
227	e2411886	Scott Ullrich
228	5b237745	Scott Ullrich	if (document.iform.radiusenable.checked \|\| enable_over) {
229	07cae4b2	Scott Ullrich	document.iform.radiussecenable.disabled = 0;
230	5b237745	Scott Ullrich	document.iform.radacct_enable.disabled = 0;
231			document.iform.radiusserver.disabled = 0;
232	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 0;
233			document.iform.radiusserveracctport.disabled = 0;
234	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 0;
235	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 0;
236			document.iform.radius_acct_update.disabled = 0;
237			document.iform.radiusissueips.disabled = 0;
238	c8c416db	Scott Ullrich	if (document.iform.radiussecenable.checked \|\| enable_over) {
239			document.iform.radiusserver2.disabled = 0;
240			document.iform.radiussecret2.disabled = 0;
241			document.iform.radiusserver2port.disabled = 0;
242			document.iform.radiusserver2acctport.disabled = 0;
243			} else {
244
245			document.iform.radiusserver2.disabled = 1;
246			document.iform.radiussecret2.disabled = 1;
247			document.iform.radiusserver2port.disabled = 1;
248			document.iform.radiusserver2acctport.disabled = 1;
249			}
250	5b237745	Scott Ullrich	} else {
251			document.iform.radacct_enable.disabled = 1;
252			document.iform.radiusserver.disabled = 1;
253	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
254	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
255	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
256	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
257	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
258			document.iform.radius_acct_update.disabled = 1;
259			document.iform.radiusissueips.disabled = 1;
260	114a9292	jim-p	document.iform.radiusserver2.disabled = 1;
261			document.iform.radiussecret2.disabled = 1;
262			document.iform.radiusserver2port.disabled = 1;
263			document.iform.radiusserver2acctport.disabled = 1;
264	07cae4b2	Scott Ullrich	}
265
266	5b237745	Scott Ullrich	} else {
267			document.iform.remoteip.disabled = 1;
268			document.iform.localip.disabled = 1;
269			document.iform.req128.disabled = 1;
270	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 1;
271	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 1;
272			document.iform.pptp_dns2.disabled = 1;
273	5b237745	Scott Ullrich	document.iform.radiusenable.disabled = 1;
274			document.iform.radacct_enable.disabled = 1;
275			document.iform.radiusserver.disabled = 1;
276	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
277	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
278	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
279	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
280	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
281			document.iform.radius_acct_update.disabled = 1;
282			document.iform.radiussecenable.disabled = 1;
283			document.iform.radiusserver2.disabled = 1;
284	c8c416db	Scott Ullrich	document.iform.radiusserver2port.disabled = 1;
285			document.iform.radiusserver2acctport.disabled = 1;
286	07cae4b2	Scott Ullrich	document.iform.radiussecret2.disabled = 1;
287	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 1;
288	07cae4b2	Scott Ullrich	document.iform.radiusissueips.disabled = 1;
289	5b237745	Scott Ullrich	}
290			if ((get_radio_value(document.iform.mode) == "redir") \|\| enable_over) {
291			document.iform.redir.disabled = 0;
292			} else {
293			document.iform.redir.disabled = 1;
294			}
295			}
296	572f4f09	Colin Fleming	//]]>
297	5b237745	Scott Ullrich	</script>
298			<form action="vpn_pptp.php" method="post" name="iform" id="iform">
299			<?php if ($input_errors) print_input_errors($input_errors); ?>
300			<?php if ($savemsg) print_info_box($savemsg); ?>
301	8cd558b6	ayvis	<?php print_info_box(gettext("PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.<br /><br /><a href=\"https://isc.sans.edu/diary/End+of+Days+for+MS-CHAPv2/13807\">Read More</a>")); ?>
302	572f4f09	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn pptp">
303	e2411886	Scott Ullrich	<tr><td class="tabnavtbl">
304	17982382	Scott Ullrich	<?php
305			$tab_array = array();
306	989d117b	Rafael Lucas	$tab_array[0] = array(gettext("Configuration"), true, "vpn_pptp.php");
307			$tab_array[1] = array(gettext("Users"), false, "vpn_pptp_users.php");
308	17982382	Scott Ullrich	display_top_tabs($tab_array);
309			?>
310	5b237745	Scott Ullrich	</td></tr>
311	e2411886	Scott Ullrich	<tr>
312	96f8c1e2	Bill Marquette	<td>
313			<div id="mainarea">
314	572f4f09	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
315	e2411886	Scott Ullrich	<tr>
316	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
317	e2411886	Scott Ullrich	<td width="78%" class="vtable">
318	5b237745	Scott Ullrich	<input name="mode" type="radio" onclick="enable_change(false)" value="off"
319	572f4f09	Colin Fleming	<?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked=\"checked\"";?> />
320	e222daeb	Carlos Eduardo Ramos	<?=gettext("Off"); ?></td>
321	572f4f09	Colin Fleming	</tr>
322	e2411886	Scott Ullrich	<tr>
323	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
324			<td width="78%" class="vtable">
325	70085c73	Carlos Eduardo Ramos
326	572f4f09	Colin Fleming	<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked=\"checked\"" ?> />
327	62f8bb60	Carlos Eduardo Ramos	<?=gettext("Redirect incoming PPTP connections to");?>:</td>
328	572f4f09	Colin Fleming	</tr>
329	9f6651a3	Carlos Eduardo Ramos	<tr>
330			<td width="22%" valign="top" class="vncellreq"><?=gettext("PPTP redirection");?></td>
331	e2411886	Scott Ullrich	<td width="78%" class="vtable">
332	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="redir" type="text" class="formfld unknown" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>" />
333	8cd558b6	ayvis	<br />
334	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address of a host which will accept incoming " .
335			"PPTP connections"); ?>.</td>
336	572f4f09	Colin Fleming	</tr>
337	e2411886	Scott Ullrich	<tr>
338	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
339			<td width="78%" class="vtable">
340	572f4f09	Colin Fleming	<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked=\"checked\""; ?> />
341	70085c73	Carlos Eduardo Ramos	<?=gettext("Enable PPTP server"); ?></td>
342	c8c416db	Scott Ullrich	</tr>
343	f2b4ff2b	sullrich	<tr>
344	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPTP users"); ?></td>
345	f2b4ff2b	sullrich	<td width="78%" class="vtable">
346			<select id="n_pptp_units" name="n_pptp_units">
347			<?php
348	1f6f0076	jim-p	$toselect = ($pconfig['n_pptp_units'] > 0) ? $pconfig['n_pptp_units'] : 16;
349			for($x=1; $x<255; $x++) {
350			if($x == $toselect)
351	572f4f09	Colin Fleming	$SELECTED = " selected=\"selected\"";
352	f2b4ff2b	sullrich	else
353			$SELECTED = "";
354			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
355			}
356			?>
357			</select>
358	8cd558b6	ayvis	<br /><?=gettext("Hint: 10 is ten PPTP clients"); ?>
359	f2b4ff2b	sullrich	</td>
360			</tr>
361	e2411886	Scott Ullrich	<tr>
362	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td>
363	e2411886	Scott Ullrich	<td width="78%" class="vtable">
364	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>" />
365	8cd558b6	ayvis	<br />
366	6d1ae23c	jim-p	<?=gettext("Enter the IP address the PPTP server should give to clients for use as their \"gateway\""); ?>.
367	8cd558b6	ayvis	<br />
368	6d1ae23c	jim-p	<?=gettext("Typically this is set to an unused IP just outside of the client range"); ?>.
369	8cd558b6	ayvis	<br />
370			<br />
371	973444a8	jim-p	<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall"); ?>.</td>
372	5b237745	Scott Ullrich	</tr>
373	e2411886	Scott Ullrich	<tr>
374	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address " .
375			"range"); ?></td>
376	e2411886	Scott Ullrich	<td width="78%" class="vtable">
377	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>" />
378	8cd558b6	ayvis	<br />
379			<?=gettext("Specify the starting address for the client IP subnet"); ?>.<br />
380	572f4f09	Colin Fleming	</td>
381	07cae4b2	Scott Ullrich	</tr>
382	c8c416db	Scott Ullrich	<tr>
383	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("PPTP DNS Servers"); ?></td>
384	c8c416db	Scott Ullrich	<td width="78%" class="vtable">
385	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="pptp_dns1" type="text" class="formfld unknown" id="pptp_dns1" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns1']);?>" />
386	8cd558b6	ayvis	<br />
387	572f4f09	Colin Fleming	<input name="pptp_dns2" type="text" class="formfld unknown" id="pptp_dns2" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns2']);?>" />
388	8cd558b6	ayvis	<br />
389			<?=gettext("primary and secondary DNS servers assigned to PPTP clients"); ?><br />
390	572f4f09	Colin Fleming	</td>
391	c8c416db	Scott Ullrich	</tr>
392			<tr>
393	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Server"); ?></td>
394			<td width="78%" valign="top" class="vtable">
395	572f4f09	Colin Fleming	<input name="wins" class="formfld unknown" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>" />
396	c8c416db	Scott Ullrich	</td>
397			</tr>
398	e2411886	Scott Ullrich	<tr>
399	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td>
400	e2411886	Scott Ullrich	<td width="78%" class="vtable">
401	572f4f09	Colin Fleming	<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked=\"checked\""; ?> />
402	8cd558b6	ayvis	<strong><?=gettext("Use a RADIUS server for authentication"); ?></strong><br />
403	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, all users will be authenticated using " .
404			"the RADIUS server specified below. The local user database " .
405	8cd558b6	ayvis	"will not be used"); ?>.<br />
406			<br />
407	572f4f09	Colin Fleming	<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked=\"checked\""; ?> />
408	8cd558b6	ayvis	<strong><?=gettext("Enable RADIUS accounting"); ?> <br />
409			</strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br />
410			<br />
411	572f4f09	Colin Fleming	<input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked=\"checked\""; ?> />
412	8cd558b6	ayvis	<strong><?=gettext("Secondary RADIUS server for failover authentication"); ?></strong><br />
413			<?=gettext("When set, all requests will go to the secondary server when primary fails"); ?><br />
414			<br />
415	572f4f09	Colin Fleming	<input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " checked=\"checked\""; ?> />
416	70085c73	Carlos Eduardo Ramos	<strong><?=gettext("RADIUS issued IPs"); ?></strong>
417	8cd558b6	ayvis	<br /><?=gettext("Issue IP addresses via RADIUS server"); ?>.
418	f9f160b1	Chris Buechler	</td>
419	c8c416db	Scott Ullrich	</tr>
420			<tr>
421	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS NAS IP"); ?></td>
422	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
423	572f4f09	Colin Fleming	<input name="radius_nasip" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>" />
424	c8c416db	Scott Ullrich	</td>
425	f9f160b1	Chris Buechler	</tr>
426	c8c416db	Scott Ullrich	<tr>
427	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Accounting Update"); ?></td>
428	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
429	572f4f09	Colin Fleming	<input name="radius_acct_update" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>" />
430	c8c416db	Scott Ullrich	</td>
431	f9f160b1	Chris Buechler	</tr>
432	e2411886	Scott Ullrich	<tr>
433	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Server"); ?> </td>
434	78cf56c6	Scott Ullrich	<td width="78%" class="vtable">
435	572f4f09	Colin Fleming	<input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>" />
436			<input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>" />
437			<input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>" />
438	8cd558b6	ayvis	<br />
439	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
440	5b237745	Scott Ullrich	</tr>
441	e2411886	Scott Ullrich	<tr>
442	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS shared secret"); ?></td>
443	78cf56c6	Scott Ullrich	<td width="78%" valign="top" class="vtable">
444	572f4f09	Colin Fleming	<input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>" />
445	8cd558b6	ayvis	<br />
446	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
447			"to the RADIUS server"); ?>.</td>
448	07cae4b2	Scott Ullrich	</tr>
449			<tr>
450	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS server"); ?> </td>
451	07cae4b2	Scott Ullrich	<td width="78%" class="vtable">
452	572f4f09	Colin Fleming	<input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>" />
453			<input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>" />
454			<input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>" />
455	8cd558b6	ayvis	<br />
456	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
457	07cae4b2	Scott Ullrich	</tr>
458			<tr>
459	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS shared secret"); ?></td>
460	07cae4b2	Scott Ullrich	<td width="78%" valign="top" class="vtable">
461	572f4f09	Colin Fleming	<input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>" />
462	8cd558b6	ayvis	<br />
463	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
464			"to the secondary RADIUS server"); ?>.</td>
465	07cae4b2	Scott Ullrich	</tr>
466	e2411886	Scott Ullrich	<tr>
467	5b237745	Scott Ullrich	<td height="16" colspan="2" valign="top"></td>
468			</tr>
469	e2411886	Scott Ullrich	<tr>
470	5b237745	Scott Ullrich	<td width="22%" valign="middle"> </td>
471	e2411886	Scott Ullrich	<td width="78%" class="vtable">
472	572f4f09	Colin Fleming	<input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked=\"checked\""; ?> />
473	8cd558b6	ayvis	<strong><?=gettext("Require 128-bit encryption"); ?></strong><br />
474	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, only 128-bit encryption will be accepted. Otherwise " .
475			"40-bit and 56-bit encryption will be accepted as well. Note that " .
476			"encryption will always be forced on PPTP connections (i.e. " .
477			"unencrypted connections will not be accepted)"); ?>.</td>
478	5b237745	Scott Ullrich	</tr>
479	e2411886	Scott Ullrich	<tr>
480	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
481	e2411886	Scott Ullrich	<td width="78%">
482	572f4f09	Colin Fleming	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)" />
483	5b237745	Scott Ullrich	</td>
484			</tr>
485	e2411886	Scott Ullrich	<tr>
486			<td width="22%" valign="top"> </td>
487	8cd558b6	ayvis	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note");?>:<br />
488	62f8bb60	Carlos Eduardo Ramos	</strong></span><?=gettext("don't forget to ");?><a href="firewall_rules.php?if=pptp"><?=gettext("add a firewall rule"); ?></a> <?=gettext("to permit ".
489			"traffic from PPTP clients");?>!</span></td>
490	70085c73	Carlos Eduardo Ramos	</tr>
491	5b237745	Scott Ullrich	</table>
492	96f8c1e2	Bill Marquette	</div>
493	e2411886	Scott Ullrich	</td>
494	5b237745	Scott Ullrich	</tr>
495			</table>
496			</form>
497	91f026b0	ayvis	<script type="text/javascript">
498	572f4f09	Colin Fleming	//<![CDATA[
499	5b237745	Scott Ullrich	enable_change(false);
500	572f4f09	Colin Fleming	//]]>
501	5b237745	Scott Ullrich	</script>
502			<?php include("fend.inc"); ?>
503	9999b3aa	Scott Ullrich	</body>
504			</html>

Project

General

Profile

pfSense