/src/usr/local/www/vpn_pptp.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/vpn_pptp.php @ ac9b1e94

1	5b237745	Scott Ullrich	<?php
2	85616372	Sander van Leeuwen
3			/*
4			WARNING: DEPRICATED! SHOULD NOT BE CONVERTED. SEE https://github.com/SjonHortensius/pfsense/issues/229
5			*/
6
7	5b237745	Scott Ullrich	/*
8			vpn_pptp.php
9			part of m0n0wall (http://m0n0.ch/wall)
10	e2411886	Scott Ullrich
11			Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
12	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
13	5b237745	Scott Ullrich	All rights reserved.
14	e2411886	Scott Ullrich
15	5b237745	Scott Ullrich	Redistribution and use in source and binary forms, with or without
16			modification, are permitted provided that the following conditions are met:
17	e2411886	Scott Ullrich
18	5b237745	Scott Ullrich	1. Redistributions of source code must retain the above copyright notice,
19			this list of conditions and the following disclaimer.
20	e2411886	Scott Ullrich
21	5b237745	Scott Ullrich	2. Redistributions in binary form must reproduce the above copyright
22			notice, this list of conditions and the following disclaimer in the
23			documentation and/or other materials provided with the distribution.
24	e2411886	Scott Ullrich
25	5b237745	Scott Ullrich	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
26			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
27			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
28			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
29			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
32			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
34			POSSIBILITY OF SUCH DAMAGE.
35			*/
36
37	6b07c15a	Matthew Grooms	##\|+PRIV
38			##\|*IDENT=page-vpn-vpnpptp
39			##\|*NAME=VPN: VPN PPTP page
40			##\|*DESCR=Allow access to the 'VPN: VPN PPTP' page.
41			##\|MATCH=vpn_pptp.php
42			##\|-PRIV
43
44	5b237745	Scott Ullrich	require("guiconfig.inc");
45	7a927e67	Scott Ullrich	require_once("functions.inc");
46			require_once("filter.inc");
47			require_once("shaper.inc");
48	483e6de8	Scott Ullrich	require_once("vpn.inc");
49	5b237745	Scott Ullrich
50			if (!is_array($config['pptpd']['radius'])) {
51			$config['pptpd']['radius'] = array();
52			}
53			$pptpcfg = &$config['pptpd'];
54
55			$pconfig['remoteip'] = $pptpcfg['remoteip'];
56			$pconfig['localip'] = $pptpcfg['localip'];
57			$pconfig['redir'] = $pptpcfg['redir'];
58			$pconfig['mode'] = $pptpcfg['mode'];
59	10d470b9	Scott Ullrich	$pconfig['wins'] = $pptpcfg['wins'];
60	5b237745	Scott Ullrich	$pconfig['req128'] = isset($pptpcfg['req128']);
61	07cae4b2	Scott Ullrich	$pconfig['n_pptp_units'] = $pptpcfg['n_pptp_units'];
62	c8c416db	Scott Ullrich	$pconfig['pptp_dns1'] = $pptpcfg['dns1'];
63			$pconfig['pptp_dns2'] = $pptpcfg['dns2'];
64	71569a7e	jim-p	$pconfig['radiusenable'] = isset($pptpcfg['radius']['server']['enable']);
65	c8c416db	Scott Ullrich	$pconfig['radiusissueips'] = isset($pptpcfg['radius']['radiusissueips']);
66			$pconfig['radiussecenable'] = isset($pptpcfg['radius']['server2']['enable']);
67			$pconfig['radacct_enable'] = isset($pptpcfg['radius']['accounting']);
68			$pconfig['radiusserver'] = $pptpcfg['radius']['server']['ip'];
69			$pconfig['radiusserverport'] = $pptpcfg['radius']['server']['port'];
70			$pconfig['radiusserveracctport'] = $pptpcfg['radius']['server']['acctport'];
71			$pconfig['radiussecret'] = $pptpcfg['radius']['server']['secret'];
72			$pconfig['radiusserver2'] = $pptpcfg['radius']['server2']['ip'];
73			$pconfig['radiusserver2port'] = $pptpcfg['radius']['server2']['port'];
74			$pconfig['radiusserver2acctport'] = $pptpcfg['radius']['server2']['acctport'];
75			$pconfig['radiussecret2'] = $pptpcfg['radius']['server2']['secret2'];
76			$pconfig['radius_acct_update'] = $pptpcfg['radius']['acct_update'];
77			$pconfig['radius_nasip'] = $pptpcfg['radius']['nasip'];
78	5b237745	Scott Ullrich
79			if ($_POST) {
80
81	7eaf04fd	Erik Fonnesbeck	if (isset($input_errors))
82			unset($input_errors);
83	5b237745	Scott Ullrich	$pconfig = $_POST;
84
85			/* input validation */
86			if ($_POST['mode'] == "server") {
87			$reqdfields = explode(" ", "localip remoteip");
88	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("Server address"),gettext("Remote start address"));
89	e2411886	Scott Ullrich
90	5b237745	Scott Ullrich	if ($_POST['radiusenable']) {
91			$reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
92	e2411886	Scott Ullrich	$reqdfieldsn = array_merge($reqdfieldsn,
93	989d117b	Rafael Lucas	array(gettext("RADIUS server address"),gettext("RADIUS shared secret")));
94	5b237745	Scott Ullrich	}
95	e2411886	Scott Ullrich
96	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
97	e2411886	Scott Ullrich
98	5b237745	Scott Ullrich	if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
99	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid server address must be specified.");
100	5b237745	Scott Ullrich	}
101	0a0b17d9	Renato Botelho	if (is_ipaddr_configured($_POST['localip'])) {
102			$input_errors[] = gettext("'Server address' parameter should NOT be set to any IP address currently in use on this firewall.");
103			}
104	2f31946f	jim-p	if (!is_ipaddr($_POST['remoteip'])) {
105	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid remote start address must be specified.");
106	5b237745	Scott Ullrich	}
107			if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
108	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid RADIUS server address must be specified.");
109	5b237745	Scott Ullrich	}
110	e2411886	Scott Ullrich
111			if (!$input_errors) {
112	96033063	Erik Fonnesbeck	$subnet_start = ip2ulong($_POST['remoteip']);
113			$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_pptp_units'] - 1;
114	e2411886	Scott Ullrich
115	96033063	Erik Fonnesbeck	if ((ip2ulong($_POST['localip']) >= $subnet_start) &&
116			(ip2ulong($_POST['localip']) <= $subnet_end)) {
117	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address lies in the remote subnet.");
118	5b237745	Scott Ullrich	}
119	2f31946f	jim-p	// TODO: Should this check be for any local IP address?
120	045c9cc9	sullrich	if ($_POST['localip'] == $config['interfaces']['lan']['ipaddr']) {
121	989d117b	Rafael Lucas	$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
122	5b237745	Scott Ullrich	}
123			}
124			} else if ($_POST['mode'] == "redir") {
125			$reqdfields = explode(" ", "redir");
126	989d117b	Rafael Lucas	$reqdfieldsn = array(gettext("PPTP redirection target address"));
127	e2411886	Scott Ullrich
128	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
129	e2411886	Scott Ullrich
130	5b237745	Scott Ullrich	if (($_POST['redir'] && !is_ipaddr($_POST['redir']))) {
131	989d117b	Rafael Lucas	$input_errors[] = gettext("A valid target address must be specified.");
132	5b237745	Scott Ullrich	}
133	7eaf04fd	Erik Fonnesbeck	} else if (isset($config['pptpd']['mode'])) {
134	963d012d	Scott Ullrich	unset($config['pptpd']['mode']);
135	5b237745	Scott Ullrich	}
136
137			if (!$input_errors) {
138			$pptpcfg['remoteip'] = $_POST['remoteip'];
139			$pptpcfg['redir'] = $_POST['redir'];
140	c8c416db	Scott Ullrich	$pptpcfg['localip'] = $_POST['localip'];
141	5b237745	Scott Ullrich	$pptpcfg['mode'] = $_POST['mode'];
142	10d470b9	Scott Ullrich	$pptpcfg['wins'] = $_POST['wins'];
143	07cae4b2	Scott Ullrich	$pptpcfg['n_pptp_units'] = $_POST['n_pptp_units'];
144	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['ip'] = $_POST['radiusserver'];
145			$pptpcfg['radius']['server']['port'] = $_POST['radiusserverport'];
146			$pptpcfg['radius']['server']['acctport'] = $_POST['radiusserveracctport'];
147			$pptpcfg['radius']['server']['secret'] = $_POST['radiussecret'];
148			$pptpcfg['radius']['server2']['ip'] = $_POST['radiusserver2'];
149			$pptpcfg['radius']['server2']['port'] = $_POST['radiusserver2port'];
150			$pptpcfg['radius']['server2']['acctport'] = $_POST['radiusserver2acctport'];
151			$pptpcfg['radius']['server2']['secret2'] = $_POST['radiussecret2'];
152			$pptpcfg['radius']['nasip'] = $_POST['radius_nasip'];
153			$pptpcfg['radius']['acct_update'] = $_POST['radius_acct_update'];
154
155	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns1'] == "") {
156			if (isset($pptpcfg['dns1']))
157			unset($pptpcfg['dns1']);
158			} else
159	c8c416db	Scott Ullrich	$pptpcfg['dns1'] = $_POST['pptp_dns1'];
160
161	7eaf04fd	Erik Fonnesbeck	if ($_POST['pptp_dns2'] == "") {
162			if (isset($pptpcfg['dns2']))
163			unset($pptpcfg['dns2']);
164			} else
165	c8c416db	Scott Ullrich	$pptpcfg['dns2'] = $_POST['pptp_dns2'];
166	33eaec88	Scott Ullrich
167			if($_POST['req128'] == "yes")
168			$pptpcfg['req128'] = true;
169	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['req128']))
170	33eaec88	Scott Ullrich	unset($pptpcfg['req128']);
171
172			if($_POST['radiusenable'] == "yes")
173	c8c416db	Scott Ullrich	$pptpcfg['radius']['server']['enable'] = true;
174	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server']['enable']))
175	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server']['enable']);
176	e2411886	Scott Ullrich
177	07cae4b2	Scott Ullrich	if($_POST['radiussecenable'] == "yes")
178	c07b2675	jim-p	$pptpcfg['radius']['server2']['enable'] = true;
179	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['server2']['enable']))
180	c8c416db	Scott Ullrich	unset($pptpcfg['radius']['server2']['enable']);
181	07cae4b2	Scott Ullrich
182	33eaec88	Scott Ullrich	if($_POST['radacct_enable'] == "yes")
183			$pptpcfg['radius']['accounting'] = true;
184	7eaf04fd	Erik Fonnesbeck	else if (isset($pptpcfg['radius']['accounting']))
185	33eaec88	Scott Ullrich	unset($pptpcfg['radius']['accounting']);
186
187	07cae4b2	Scott Ullrich	if($_POST['radiusissueips'] == "yes") {
188			$pptpcfg['radius']['radiusissueips'] = true;
189	7eaf04fd	Erik Fonnesbeck	} else if (isset($pptpcfg['radius']['radiusissueips']))
190	07cae4b2	Scott Ullrich	unset($pptpcfg['radius']['radiusissueips']);
191
192	5b237745	Scott Ullrich	write_config();
193	e2411886	Scott Ullrich
194	5b237745	Scott Ullrich	$retval = 0;
195	72bd8df5	Ermal Lu?i	$retval = vpn_pptpd_configure();
196	5b237745	Scott Ullrich	$savemsg = get_std_save_message($retval);
197	34947a64	Scott Ullrich
198			filter_configure();
199	5b237745	Scott Ullrich	}
200			}
201	4df96eff	Scott Ullrich
202	989d117b	Rafael Lucas	$pgtitle = array(gettext("VPN"),gettext("VPN PPTP"));
203	b32dd0a6	jim-p	$shortcut_section = "pptps";
204	4df96eff	Scott Ullrich	include("head.inc");
205
206	5b237745	Scott Ullrich	?>
207	422f27c0	Scott Ullrich
208			<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
209	e2411886	Scott Ullrich	<?php include("fbegin.inc"); ?>
210	91f026b0	ayvis	<script type="text/javascript">
211	572f4f09	Colin Fleming	//<![CDATA[
212	5b237745	Scott Ullrich	function get_radio_value(obj)
213			{
214			for (i = 0; i < obj.length; i++) {
215			if (obj[i].checked)
216			return obj[i].value;
217			}
218			return null;
219			}
220
221			function enable_change(enable_over) {
222			if ((get_radio_value(document.iform.mode) == "server") \|\| enable_over) {
223			document.iform.remoteip.disabled = 0;
224			document.iform.localip.disabled = 0;
225			document.iform.req128.disabled = 0;
226			document.iform.radiusenable.disabled = 0;
227	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 0;
228	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 0;
229	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 0;
230	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 0;
231			document.iform.pptp_dns2.disabled = 0;
232	e2411886	Scott Ullrich
233	5b237745	Scott Ullrich	if (document.iform.radiusenable.checked \|\| enable_over) {
234	07cae4b2	Scott Ullrich	document.iform.radiussecenable.disabled = 0;
235	5b237745	Scott Ullrich	document.iform.radacct_enable.disabled = 0;
236			document.iform.radiusserver.disabled = 0;
237	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 0;
238			document.iform.radiusserveracctport.disabled = 0;
239	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 0;
240	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 0;
241			document.iform.radius_acct_update.disabled = 0;
242			document.iform.radiusissueips.disabled = 0;
243	c8c416db	Scott Ullrich	if (document.iform.radiussecenable.checked \|\| enable_over) {
244			document.iform.radiusserver2.disabled = 0;
245			document.iform.radiussecret2.disabled = 0;
246			document.iform.radiusserver2port.disabled = 0;
247			document.iform.radiusserver2acctport.disabled = 0;
248			} else {
249
250			document.iform.radiusserver2.disabled = 1;
251			document.iform.radiussecret2.disabled = 1;
252			document.iform.radiusserver2port.disabled = 1;
253			document.iform.radiusserver2acctport.disabled = 1;
254			}
255	5b237745	Scott Ullrich	} else {
256			document.iform.radacct_enable.disabled = 1;
257			document.iform.radiusserver.disabled = 1;
258	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
259	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
260	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
261	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
262	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
263			document.iform.radius_acct_update.disabled = 1;
264			document.iform.radiusissueips.disabled = 1;
265	114a9292	jim-p	document.iform.radiusserver2.disabled = 1;
266			document.iform.radiussecret2.disabled = 1;
267			document.iform.radiusserver2port.disabled = 1;
268			document.iform.radiusserver2acctport.disabled = 1;
269	07cae4b2	Scott Ullrich	}
270
271	5b237745	Scott Ullrich	} else {
272			document.iform.remoteip.disabled = 1;
273			document.iform.localip.disabled = 1;
274			document.iform.req128.disabled = 1;
275	07cae4b2	Scott Ullrich	document.iform.n_pptp_units.disabled = 1;
276	c8c416db	Scott Ullrich	document.iform.pptp_dns1.disabled = 1;
277			document.iform.pptp_dns2.disabled = 1;
278	5b237745	Scott Ullrich	document.iform.radiusenable.disabled = 1;
279			document.iform.radacct_enable.disabled = 1;
280			document.iform.radiusserver.disabled = 1;
281	c8c416db	Scott Ullrich	document.iform.radiusserverport.disabled = 1;
282	a35c2033	Martin Fuchs	document.iform.radiusissueips.disabled = 1;
283	c8c416db	Scott Ullrich	document.iform.radiusserveracctport.disabled = 1;
284	5b237745	Scott Ullrich	document.iform.radiussecret.disabled = 1;
285	07cae4b2	Scott Ullrich	document.iform.radius_nasip.disabled = 1;
286			document.iform.radius_acct_update.disabled = 1;
287			document.iform.radiussecenable.disabled = 1;
288			document.iform.radiusserver2.disabled = 1;
289	c8c416db	Scott Ullrich	document.iform.radiusserver2port.disabled = 1;
290			document.iform.radiusserver2acctport.disabled = 1;
291	07cae4b2	Scott Ullrich	document.iform.radiussecret2.disabled = 1;
292	4dd1d9af	Scott Ullrich	document.iform.wins.disabled = 1;
293	07cae4b2	Scott Ullrich	document.iform.radiusissueips.disabled = 1;
294	5b237745	Scott Ullrich	}
295			if ((get_radio_value(document.iform.mode) == "redir") \|\| enable_over) {
296			document.iform.redir.disabled = 0;
297			} else {
298			document.iform.redir.disabled = 1;
299			}
300			}
301	572f4f09	Colin Fleming	//]]>
302	5b237745	Scott Ullrich	</script>
303			<form action="vpn_pptp.php" method="post" name="iform" id="iform">
304			<?php if ($input_errors) print_input_errors($input_errors); ?>
305			<?php if ($savemsg) print_info_box($savemsg); ?>
306	8cd558b6	ayvis	<?php print_info_box(gettext("PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.<br /><br /><a href=\"https://isc.sans.edu/diary/End+of+Days+for+MS-CHAPv2/13807\">Read More</a>")); ?>
307	572f4f09	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="vpn pptp">
308	e2411886	Scott Ullrich	<tr><td class="tabnavtbl">
309	17982382	Scott Ullrich	<?php
310			$tab_array = array();
311	989d117b	Rafael Lucas	$tab_array[0] = array(gettext("Configuration"), true, "vpn_pptp.php");
312			$tab_array[1] = array(gettext("Users"), false, "vpn_pptp_users.php");
313	17982382	Scott Ullrich	display_top_tabs($tab_array);
314			?>
315	5b237745	Scott Ullrich	</td></tr>
316	e2411886	Scott Ullrich	<tr>
317	96f8c1e2	Bill Marquette	<td>
318			<div id="mainarea">
319	572f4f09	Colin Fleming	<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
320	e2411886	Scott Ullrich	<tr>
321	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
322	e2411886	Scott Ullrich	<td width="78%" class="vtable">
323	5b237745	Scott Ullrich	<input name="mode" type="radio" onclick="enable_change(false)" value="off"
324	572f4f09	Colin Fleming	<?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked=\"checked\"";?> />
325	e222daeb	Carlos Eduardo Ramos	<?=gettext("Off"); ?></td>
326	572f4f09	Colin Fleming	</tr>
327	e2411886	Scott Ullrich	<tr>
328	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
329			<td width="78%" class="vtable">
330	70085c73	Carlos Eduardo Ramos
331	572f4f09	Colin Fleming	<input type="radio" name="mode" value="redir" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "redir") echo "checked=\"checked\"" ?> />
332	62f8bb60	Carlos Eduardo Ramos	<?=gettext("Redirect incoming PPTP connections to");?>:</td>
333	572f4f09	Colin Fleming	</tr>
334	9f6651a3	Carlos Eduardo Ramos	<tr>
335			<td width="22%" valign="top" class="vncellreq"><?=gettext("PPTP redirection");?></td>
336	e2411886	Scott Ullrich	<td width="78%" class="vtable">
337	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="redir" type="text" class="formfld unknown" id="redir" size="20" value="<?=htmlspecialchars($pconfig['redir']);?>" />
338	8cd558b6	ayvis	<br />
339	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address of a host which will accept incoming " .
340			"PPTP connections"); ?>.</td>
341	572f4f09	Colin Fleming	</tr>
342	e2411886	Scott Ullrich	<tr>
343	5b237745	Scott Ullrich	<td width="22%" valign="top" class="vtable"> </td>
344			<td width="78%" class="vtable">
345	572f4f09	Colin Fleming	<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked=\"checked\""; ?> />
346	70085c73	Carlos Eduardo Ramos	<?=gettext("Enable PPTP server"); ?></td>
347	c8c416db	Scott Ullrich	</tr>
348	f2b4ff2b	sullrich	<tr>
349	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("No. PPTP users"); ?></td>
350	f2b4ff2b	sullrich	<td width="78%" class="vtable">
351			<select id="n_pptp_units" name="n_pptp_units">
352			<?php
353	1f6f0076	jim-p	$toselect = ($pconfig['n_pptp_units'] > 0) ? $pconfig['n_pptp_units'] : 16;
354			for($x=1; $x<255; $x++) {
355			if($x == $toselect)
356	572f4f09	Colin Fleming	$SELECTED = " selected=\"selected\"";
357	f2b4ff2b	sullrich	else
358			$SELECTED = "";
359			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
360			}
361			?>
362			</select>
363	8cd558b6	ayvis	<br /><?=gettext("Hint: 10 is ten PPTP clients"); ?>
364	f2b4ff2b	sullrich	</td>
365			</tr>
366	e2411886	Scott Ullrich	<tr>
367	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Server address"); ?></td>
368	e2411886	Scott Ullrich	<td width="78%" class="vtable">
369	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="localip" type="text" class="formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip']);?>" />
370	8cd558b6	ayvis	<br />
371	6d1ae23c	jim-p	<?=gettext("Enter the IP address the PPTP server should give to clients for use as their \"gateway\""); ?>.
372	8cd558b6	ayvis	<br />
373	6d1ae23c	jim-p	<?=gettext("Typically this is set to an unused IP just outside of the client range"); ?>.
374	8cd558b6	ayvis	<br />
375			<br />
376	973444a8	jim-p	<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall"); ?>.</td>
377	5b237745	Scott Ullrich	</tr>
378	e2411886	Scott Ullrich	<tr>
379	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncellreq"><?=gettext("Remote address " .
380			"range"); ?></td>
381	e2411886	Scott Ullrich	<td width="78%" class="vtable">
382	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="remoteip" type="text" class="formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip']);?>" />
383	8cd558b6	ayvis	<br />
384			<?=gettext("Specify the starting address for the client IP subnet"); ?>.<br />
385	572f4f09	Colin Fleming	</td>
386	07cae4b2	Scott Ullrich	</tr>
387	c8c416db	Scott Ullrich	<tr>
388	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("PPTP DNS Servers"); ?></td>
389	c8c416db	Scott Ullrich	<td width="78%" class="vtable">
390	572f4f09	Colin Fleming	<?=$mandfldhtml;?><input name="pptp_dns1" type="text" class="formfld unknown" id="pptp_dns1" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns1']);?>" />
391	8cd558b6	ayvis	<br />
392	572f4f09	Colin Fleming	<input name="pptp_dns2" type="text" class="formfld unknown" id="pptp_dns2" size="20" value="<?=htmlspecialchars($pconfig['pptp_dns2']);?>" />
393	8cd558b6	ayvis	<br />
394			<?=gettext("primary and secondary DNS servers assigned to PPTP clients"); ?><br />
395	572f4f09	Colin Fleming	</td>
396	c8c416db	Scott Ullrich	</tr>
397			<tr>
398	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("WINS Server"); ?></td>
399			<td width="78%" valign="top" class="vtable">
400	572f4f09	Colin Fleming	<input name="wins" class="formfld unknown" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins']);?>" />
401	c8c416db	Scott Ullrich	</td>
402			</tr>
403	e2411886	Scott Ullrich	<tr>
404	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS"); ?></td>
405	e2411886	Scott Ullrich	<td width="78%" class="vtable">
406	572f4f09	Colin Fleming	<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked=\"checked\""; ?> />
407	8cd558b6	ayvis	<strong><?=gettext("Use a RADIUS server for authentication"); ?></strong><br />
408	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, all users will be authenticated using " .
409			"the RADIUS server specified below. The local user database " .
410	8cd558b6	ayvis	"will not be used"); ?>.<br />
411			<br />
412	572f4f09	Colin Fleming	<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked=\"checked\""; ?> />
413	8cd558b6	ayvis	<strong><?=gettext("Enable RADIUS accounting"); ?> <br />
414			</strong><?=gettext("Sends accounting packets to the RADIUS server"); ?>.<br />
415			<br />
416	572f4f09	Colin Fleming	<input name="radiussecenable" type="checkbox" id="radiussecenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiussecenable']) echo "checked=\"checked\""; ?> />
417	8cd558b6	ayvis	<strong><?=gettext("Secondary RADIUS server for failover authentication"); ?></strong><br />
418			<?=gettext("When set, all requests will go to the secondary server when primary fails"); ?><br />
419			<br />
420	572f4f09	Colin Fleming	<input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if($pconfig['radiusissueips']) echo " checked=\"checked\""; ?> />
421	70085c73	Carlos Eduardo Ramos	<strong><?=gettext("RADIUS issued IPs"); ?></strong>
422	8cd558b6	ayvis	<br /><?=gettext("Issue IP addresses via RADIUS server"); ?>.
423	f9f160b1	Chris Buechler	</td>
424	c8c416db	Scott Ullrich	</tr>
425			<tr>
426	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS NAS IP"); ?></td>
427	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
428	572f4f09	Colin Fleming	<input name="radius_nasip" class="formfld unknown" id="radius_nasip" size="20" value="<?=htmlspecialchars($pconfig['radius_nasip']);?>" />
429	c8c416db	Scott Ullrich	</td>
430	f9f160b1	Chris Buechler	</tr>
431	c8c416db	Scott Ullrich	<tr>
432	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Accounting Update"); ?></td>
433	c8c416db	Scott Ullrich	<td width="78%" valign="top" class="vtable">
434	572f4f09	Colin Fleming	<input name="radius_acct_update" class="formfld unknown" id="radius_acct_update" size="20" value="<?=htmlspecialchars($pconfig['radius_acct_update']);?>" />
435	c8c416db	Scott Ullrich	</td>
436	f9f160b1	Chris Buechler	</tr>
437	e2411886	Scott Ullrich	<tr>
438	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS Server"); ?> </td>
439	78cf56c6	Scott Ullrich	<td width="78%" class="vtable">
440	572f4f09	Colin Fleming	<input name="radiusserver" type="text" class="formfld unknown" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver']);?>" />
441			<input name="radiusserverport" type="text" class="formfld unknown" id="radiusserverport" size="4" value="<?=htmlspecialchars($pconfig['radiusserverport']);?>" />
442			<input name="radiusserveracctport" type="text" class="formfld unknown" id="radiusserveracctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserveracctport']);?>" />
443	8cd558b6	ayvis	<br />
444	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
445	5b237745	Scott Ullrich	</tr>
446	e2411886	Scott Ullrich	<tr>
447	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("RADIUS shared secret"); ?></td>
448	78cf56c6	Scott Ullrich	<td width="78%" valign="top" class="vtable">
449	572f4f09	Colin Fleming	<input name="radiussecret" type="password" class="formfld pwd" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret']);?>" />
450	8cd558b6	ayvis	<br />
451	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
452			"to the RADIUS server"); ?>.</td>
453	07cae4b2	Scott Ullrich	</tr>
454			<tr>
455	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS server"); ?> </td>
456	07cae4b2	Scott Ullrich	<td width="78%" class="vtable">
457	572f4f09	Colin Fleming	<input name="radiusserver2" type="text" class="formfld unknown" id="radiusserver2" size="20" value="<?=htmlspecialchars($pconfig['radiusserver2']);?>" />
458			<input name="radiusserver2port" type="text" class="formfld unknown" id="radiusserver2port" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2port']);?>" />
459			<input name="radiusserver2acctport" type="text" class="formfld unknown" id="radiusserver2acctport" size="4" value="<?=htmlspecialchars($pconfig['radiusserver2acctport']);?>" />
460	8cd558b6	ayvis	<br />
461	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the IP address, RADIUS port, and RADIUS accounting port of the RADIUS server"); ?>.</td>
462	07cae4b2	Scott Ullrich	</tr>
463			<tr>
464	70085c73	Carlos Eduardo Ramos	<td width="22%" valign="top" class="vncell"><?=gettext("Secondary RADIUS shared secret"); ?></td>
465	07cae4b2	Scott Ullrich	<td width="78%" valign="top" class="vtable">
466	572f4f09	Colin Fleming	<input name="radiussecret2" type="password" class="formfld pwd" id="radiussecret2" size="20" value="<?=htmlspecialchars($pconfig['radiussecret2']);?>" />
467	8cd558b6	ayvis	<br />
468	70085c73	Carlos Eduardo Ramos	<?=gettext("Enter the shared secret that will be used to authenticate " .
469			"to the secondary RADIUS server"); ?>.</td>
470	07cae4b2	Scott Ullrich	</tr>
471	e2411886	Scott Ullrich	<tr>
472	5b237745	Scott Ullrich	<td height="16" colspan="2" valign="top"></td>
473			</tr>
474	e2411886	Scott Ullrich	<tr>
475	5b237745	Scott Ullrich	<td width="22%" valign="middle"> </td>
476	e2411886	Scott Ullrich	<td width="78%" class="vtable">
477	572f4f09	Colin Fleming	<input name="req128" type="checkbox" id="req128" value="yes" <?php if ($pconfig['req128']) echo "checked=\"checked\""; ?> />
478	8cd558b6	ayvis	<strong><?=gettext("Require 128-bit encryption"); ?></strong><br />
479	70085c73	Carlos Eduardo Ramos	<?=gettext("When set, only 128-bit encryption will be accepted. Otherwise " .
480			"40-bit and 56-bit encryption will be accepted as well. Note that " .
481			"encryption will always be forced on PPTP connections (i.e. " .
482			"unencrypted connections will not be accepted)"); ?>.</td>
483	5b237745	Scott Ullrich	</tr>
484	e2411886	Scott Ullrich	<tr>
485	5b237745	Scott Ullrich	<td width="22%" valign="top"> </td>
486	e2411886	Scott Ullrich	<td width="78%">
487	572f4f09	Colin Fleming	<input name="Submit" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" onclick="enable_change(true)" />
488	5b237745	Scott Ullrich	</td>
489			</tr>
490	e2411886	Scott Ullrich	<tr>
491			<td width="22%" valign="top"> </td>
492	8cd558b6	ayvis	<td width="78%"><span class="vexpl"><span class="red"><strong><?=gettext("Note");?>:<br />
493	62f8bb60	Carlos Eduardo Ramos	</strong></span><?=gettext("don't forget to ");?><a href="firewall_rules.php?if=pptp"><?=gettext("add a firewall rule"); ?></a> <?=gettext("to permit ".
494			"traffic from PPTP clients");?>!</span></td>
495	70085c73	Carlos Eduardo Ramos	</tr>
496	5b237745	Scott Ullrich	</table>
497	96f8c1e2	Bill Marquette	</div>
498	e2411886	Scott Ullrich	</td>
499	5b237745	Scott Ullrich	</tr>
500			</table>
501			</form>
502	91f026b0	ayvis	<script type="text/javascript">
503	572f4f09	Colin Fleming	//<![CDATA[
504	5b237745	Scott Ullrich	enable_change(false);
505	572f4f09	Colin Fleming	//]]>
506	5b237745	Scott Ullrich	</script>
507			<?php include("fend.inc"); ?>
508	9999b3aa	Scott Ullrich	</body>
509			</html>

Project

General

Profile

pfSense