/src/usr/local/www/vpn_l2tp.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/vpn_l2tp.php @ af71b288

1	5656fe23	Ermal Lu?i	<?php
2			/*
3			vpn_l2tp.php
4			part of pfSense
5
6			Copyright (C) 2005 Scott Ullrich (sullrich@gmail.com)
7	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8	5656fe23	Ermal Lu?i	All rights reserved.
9
10			Redistribution and use in source and binary forms, with or without
11			modification, are permitted provided that the following conditions are met:
12
13			1. Redistributions of source code must retain the above copyright notice,
14			this list of conditions and the following disclaimer.
15
16			2. Redistributions in binary form must reproduce the above copyright
17			notice, this list of conditions and the following disclaimer in the
18			documentation and/or other materials provided with the distribution.
19
20			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
21			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
22			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
24			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29			POSSIBILITY OF SUCH DAMAGE.
30			*/
31
32	047cb829	Ermal Lu?i	##\|+PRIV
33			##\|*IDENT=page-vpn-vpnl2tp
34			##\|*NAME=VPN: VPN L2TP page
35			##\|*DESCR=Allow access to the 'VPN: VPN L2TP' page.
36			##\|MATCH=vpn_l2tp.php
37			##\|-PRIV
38
39	5656fe23	Ermal Lu?i	$pgtitle = array(gettext("VPN"), gettext("L2TP"), gettext("L2TP"));
40	b32dd0a6	jim-p	$shortcut_section = "l2tps";
41	5656fe23	Ermal Lu?i
42			require("guiconfig.inc");
43	483e6de8	Scott Ullrich	require_once("vpn.inc");
44	5656fe23	Ermal Lu?i
45			if (!is_array($config['l2tp']['radius'])) {
46			$config['l2tp']['radius'] = array();
47			}
48			$l2tpcfg = &$config['l2tp'];
49
50			$pconfig['remoteip'] = $l2tpcfg['remoteip'];
51			$pconfig['localip'] = $l2tpcfg['localip'];
52	a56120f2	Ermal Lu?i	$pconfig['l2tp_subnet'] = $l2tpcfg['l2tp_subnet'];
53	5656fe23	Ermal Lu?i	$pconfig['mode'] = $l2tpcfg['mode'];
54			$pconfig['interface'] = $l2tpcfg['interface'];
55	c8cc0c1c	smos	$pconfig['l2tp_dns1'] = $l2tpcfg['dns1'];
56			$pconfig['l2tp_dns2'] = $l2tpcfg['dns2'];
57			$pconfig['wins'] = $l2tpcfg['wins'];
58	5656fe23	Ermal Lu?i	$pconfig['radiusenable'] = isset($l2tpcfg['radius']['enable']);
59			$pconfig['radacct_enable'] = isset($l2tpcfg['radius']['accounting']);
60			$pconfig['radiusserver'] = $l2tpcfg['radius']['server'];
61			$pconfig['radiussecret'] = $l2tpcfg['radius']['secret'];
62			$pconfig['radiusissueips'] = $l2tpcfg['radius']['radiusissueips'];
63			$pconfig['n_l2tp_units'] = $l2tpcfg['n_l2tp_units'];
64			$pconfig['paporchap'] = $l2tpcfg['paporchap'];
65	40de0b13	Ermal Lu?i	$pconfig['secret'] = $l2tpcfg['secret'];
66	5656fe23	Ermal Lu?i
67			if ($_POST) {
68
69			unset($input_errors);
70			$pconfig = $_POST;
71
72			/* input validation */
73			if ($_POST['mode'] == "server") {
74			$reqdfields = explode(" ", "localip remoteip");
75	6c07db48	Phil Davis	$reqdfieldsn = array(gettext("Server address"), gettext("Remote start address"));
76	5656fe23	Ermal Lu?i
77			if ($_POST['radiusenable']) {
78			$reqdfields = array_merge($reqdfields, explode(" ", "radiusserver radiussecret"));
79			$reqdfieldsn = array_merge($reqdfieldsn,
80	a3e00d53	Phil Davis	array(gettext("RADIUS server address"), gettext("RADIUS shared secret")));
81	5656fe23	Ermal Lu?i	}
82
83	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
84	5656fe23	Ermal Lu?i
85			if (($_POST['localip'] && !is_ipaddr($_POST['localip']))) {
86			$input_errors[] = gettext("A valid server address must be specified.");
87			}
88	0a0b17d9	Renato Botelho	if (is_ipaddr_configured($_POST['localip'])) {
89			$input_errors[] = gettext("'Server address' parameter should NOT be set to any IP address currently in use on this firewall.");
90			}
91	a56120f2	Ermal Lu?i	if (($_POST['l2tp_subnet'] && !is_ipaddr($_POST['remoteip']))) {
92	5656fe23	Ermal Lu?i	$input_errors[] = gettext("A valid remote start address must be specified.");
93			}
94			if (($_POST['radiusserver'] && !is_ipaddr($_POST['radiusserver']))) {
95			$input_errors[] = gettext("A valid RADIUS server address must be specified.");
96			}
97
98			/* if this is an AJAX caller then handle via JSON */
99	a3e00d53	Phil Davis	if (isAjax() && is_array($input_errors)) {
100	5656fe23	Ermal Lu?i	input_errors2Ajax($input_errors);
101			exit;
102			}
103
104			if (!$input_errors) {
105	a56120f2	Ermal Lu?i	$_POST['remoteip'] = $pconfig['remoteip'] = gen_subnet($_POST['remoteip'], $_POST['l2tp_subnet']);
106	96033063	Erik Fonnesbeck	$subnet_start = ip2ulong($_POST['remoteip']);
107			$subnet_end = ip2ulong($_POST['remoteip']) + $_POST['n_l2tp_units'] - 1;
108	5656fe23	Ermal Lu?i
109	96033063	Erik Fonnesbeck	if ((ip2ulong($_POST['localip']) >= $subnet_start) &&
110	61144c9b	Sander van Leeuwen	(ip2ulong($_POST['localip']) <= $subnet_end)) {
111	5656fe23	Ermal Lu?i	$input_errors[] = gettext("The specified server address lies in the remote subnet.");
112			}
113	a55e9c70	Ermal Lu?i	if ($_POST['localip'] == get_interface_ip("lan")) {
114	5656fe23	Ermal Lu?i	$input_errors[] = gettext("The specified server address is equal to the LAN interface address.");
115			}
116			}
117			}
118
119			/* if this is an AJAX caller then handle via JSON */
120	a3e00d53	Phil Davis	if (isAjax() && is_array($input_errors)) {
121	5656fe23	Ermal Lu?i	input_errors2Ajax($input_errors);
122			exit;
123			}
124
125			if (!$input_errors) {
126			$l2tpcfg['remoteip'] = $_POST['remoteip'];
127			$l2tpcfg['localip'] = $_POST['localip'];
128	a56120f2	Ermal Lu?i	$l2tpcfg['l2tp_subnet'] = $_POST['l2tp_subnet'];
129	5656fe23	Ermal Lu?i	$l2tpcfg['mode'] = $_POST['mode'];
130			$l2tpcfg['interface'] = $_POST['interface'];
131			$l2tpcfg['n_l2tp_units'] = $_POST['n_l2tp_units'];
132
133			$l2tpcfg['radius']['server'] = $_POST['radiusserver'];
134			$l2tpcfg['radius']['secret'] = $_POST['radiussecret'];
135	40de0b13	Ermal Lu?i	$l2tpcfg['secret'] = $_POST['secret'];
136	5656fe23	Ermal Lu?i
137	a3e00d53	Phil Davis	if ($_POST['wins']) {
138	c8cc0c1c	smos	$l2tpcfg['wins'] = $_POST['wins'];
139	a3e00d53	Phil Davis	} else {
140	c8cc0c1c	smos	unset($l2tpcfg['wins']);
141	a3e00d53	Phil Davis	}
142	c8cc0c1c	smos
143	5656fe23	Ermal Lu?i	$l2tpcfg['paporchap'] = $_POST['paporchap'];
144
145	c8cc0c1c	smos
146			if ($_POST['l2tp_dns1'] == "") {
147	6c07db48	Phil Davis	if (isset($l2tpcfg['dns1'])) {
148	c8cc0c1c	smos	unset($l2tpcfg['dns1']);
149	a3e00d53	Phil Davis	}
150	6c07db48	Phil Davis	} else {
151			$l2tpcfg['dns1'] = $_POST['l2tp_dns1'];
152			}
153	c8cc0c1c	smos
154	6c07db48	Phil Davis	if ($_POST['l2tp_dns2'] == "") {
155			if (isset($l2tpcfg['dns2'])) {
156			unset($l2tpcfg['dns2']);
157	a3e00d53	Phil Davis	}
158	6c07db48	Phil Davis	} else {
159			$l2tpcfg['dns2'] = $_POST['l2tp_dns2'];
160			}
161	c8cc0c1c	smos
162	a3e00d53	Phil Davis	if ($_POST['radiusenable'] == "yes") {
163	5656fe23	Ermal Lu?i	$l2tpcfg['radius']['enable'] = true;
164	a3e00d53	Phil Davis	} else {
165	5656fe23	Ermal Lu?i	unset($l2tpcfg['radius']['enable']);
166	a3e00d53	Phil Davis	}
167	5656fe23	Ermal Lu?i
168	a3e00d53	Phil Davis	if ($_POST['radacct_enable'] == "yes") {
169	5656fe23	Ermal Lu?i	$l2tpcfg['radius']['accounting'] = true;
170	a3e00d53	Phil Davis	} else {
171	5656fe23	Ermal Lu?i	unset($l2tpcfg['radius']['accounting']);
172	a3e00d53	Phil Davis	}
173	5656fe23	Ermal Lu?i
174	a3e00d53	Phil Davis	if ($_POST['radiusissueips'] == "yes") {
175	5656fe23	Ermal Lu?i	$l2tpcfg['radius']['radiusissueips'] = true;
176	a3e00d53	Phil Davis	} else {
177	5656fe23	Ermal Lu?i	unset($l2tpcfg['radius']['radiusissueips']);
178	a3e00d53	Phil Davis	}
179	5656fe23	Ermal Lu?i
180			write_config();
181
182			$retval = 0;
183			$retval = vpn_l2tp_configure();
184			$savemsg = get_std_save_message($retval);
185
186			/* if ajax is calling, give them an update message */
187	a3e00d53	Phil Davis	if (isAjax()) {
188	5656fe23	Ermal Lu?i	print_info_box_np($savemsg);
189	a3e00d53	Phil Davis	}
190	5656fe23	Ermal Lu?i	}
191			}
192
193			include("head.inc");
194			?>
195
196			<script type="text/javascript">
197	d28502be	Colin Fleming	//<![CDATA[
198	6c07db48	Phil Davis	function get_radio_value(obj) {
199	5656fe23	Ermal Lu?i	for (i = 0; i < obj.length; i++) {
200	a3e00d53	Phil Davis	if (obj[i].checked) {
201	5656fe23	Ermal Lu?i	return obj[i].value;
202	a3e00d53	Phil Davis	}
203	5656fe23	Ermal Lu?i	}
204			return null;
205			}
206
207			function enable_change(enable_over) {
208			if ((get_radio_value(document.iform.mode) == "server") \|\| enable_over) {
209			document.iform.remoteip.disabled = 0;
210			document.iform.localip.disabled = 0;
211	a56120f2	Ermal Lu?i	document.iform.l2tp_subnet.disabled = 0;
212	5656fe23	Ermal Lu?i	document.iform.radiusenable.disabled = 0;
213			document.iform.radiusissueips.disabled = 0;
214			document.iform.paporchap.disabled = 0;
215			document.iform.interface.disabled = 0;
216			document.iform.n_l2tp_units.disabled = 0;
217	40de0b13	Ermal Lu?i	document.iform.secret.disabled = 0;
218	c8cc0c1c	smos	document.iform.l2tp_dns1.disabled = 0;
219			document.iform.l2tp_dns2.disabled = 0;
220	a3e00d53	Phil Davis	/* fix colors */
221	5656fe23	Ermal Lu?i	document.iform.remoteip.style.backgroundColor = '#FFFFFF';
222			document.iform.localip.style.backgroundColor = '#FFFFFF';
223	a56120f2	Ermal Lu?i	document.iform.l2tp_subnet.style.backgroundColor = '#FFFFFF';
224	5656fe23	Ermal Lu?i	document.iform.radiusenable.style.backgroundColor = '#FFFFFF';
225			document.iform.radiusissueips.style.backgroundColor = '#FFFFFF';
226			document.iform.paporchap.style.backgroundColor = '#FFFFFF';
227			document.iform.interface.style.backgroundColor = '#FFFFFF';
228			document.iform.n_l2tp_units.style.backgroundColor = '#FFFFFF';
229	40de0b13	Ermal Lu?i	document.iform.secret.style.backgroundColor = '#FFFFFF';
230	5656fe23	Ermal Lu?i	if (document.iform.radiusenable.checked \|\| enable_over) {
231			document.iform.radacct_enable.disabled = 0;
232			document.iform.radiusserver.disabled = 0;
233			document.iform.radiussecret.disabled = 0;
234			document.iform.radiusissueips.disabled = 0;
235	a3e00d53	Phil Davis	/* fix colors */
236	5656fe23	Ermal Lu?i	document.iform.radacct_enable.style.backgroundColor = '#FFFFFF';
237			document.iform.radiusserver.style.backgroundColor = '#FFFFFF';
238			document.iform.radiussecret.style.backgroundColor = '#FFFFFF';
239			document.iform.radiusissueips.style.backgroundColor = '#FFFFFF';
240			} else {
241			document.iform.radacct_enable.disabled = 1;
242			document.iform.radiusserver.disabled = 1;
243			document.iform.radiussecret.disabled = 1;
244			document.iform.radiusissueips.disabled = 1;
245	a3e00d53	Phil Davis	/* fix colors */
246	5656fe23	Ermal Lu?i	document.iform.radacct_enable.style.backgroundColor = '#D4D0C8';
247			document.iform.radiusserver.style.backgroundColor = '#D4D0C8';
248			document.iform.radiussecret.style.backgroundColor = '#D4D0C8';
249			document.iform.radiusissueips.style.backgroundColor = '#D4D0C8';
250			}
251			} else {
252			document.iform.interface.disabled = 1;
253			document.iform.n_l2tp_units.disabled = 1;
254	a56120f2	Ermal Lu?i	document.iform.l2tp_subnet.disabled = 1;
255	c8cc0c1c	smos	document.iform.l2tp_dns1.disabled = 1;
256			document.iform.l2tp_dns2.disabled = 1;
257	5656fe23	Ermal Lu?i	document.iform.paporchap.disabled = 1;
258			document.iform.remoteip.disabled = 1;
259			document.iform.localip.disabled = 1;
260			document.iform.radiusenable.disabled = 1;
261			document.iform.radacct_enable.disabled = 1;
262			document.iform.radiusserver.disabled = 1;
263			document.iform.radiussecret.disabled = 1;
264			document.iform.radiusissueips.disabled = 1;
265	40de0b13	Ermal Lu?i	document.iform.secret.disabled = 1;
266	a3e00d53	Phil Davis	/* fix colors */
267	5656fe23	Ermal Lu?i	document.iform.interface.style.backgroundColor = '#D4D0C8';
268			document.iform.n_l2tp_units.style.backgroundColor = '#D4D0C8';
269	a56120f2	Ermal Lu?i	document.iform.l2tp_subnet.style.backgroundColor = '#D4D0C8';
270	5656fe23	Ermal Lu?i	document.iform.paporchap.style.backgroundColor = '#D4D0C8';
271			document.iform.remoteip.style.backgroundColor = '#D4D0C8';
272			document.iform.localip.style.backgroundColor = '#D4D0C8';
273			document.iform.radiusenable.style.backgroundColor = '#D4D0C8';
274			document.iform.radacct_enable.style.backgroundColor = '#D4D0C8';
275			document.iform.radiusserver.style.backgroundColor = '#D4D0C8';
276			document.iform.radiussecret.style.backgroundColor = '#D4D0C8';
277			document.iform.radiusissueips.style.backgroundColor = '#D4D0C8';
278	40de0b13	Ermal Lu?i	document.iform.secret.style.backgroundColor = '#D4D0C8';
279	5656fe23	Ermal Lu?i	}
280			}
281	d28502be	Colin Fleming	//]]>
282	5656fe23	Ermal Lu?i	</script>
283	61144c9b	Sander van Leeuwen
284			<form class="form-horizontal" action="vpn_l2tp.php" method="post" name="iform" id="iform">
285			<?php if ($input_errors) print_input_errors($input_errors)?>
286			<?php if ($savemsg) print_info_box($savemsg)?>
287
288			<?php
289			$tab_array = array();
290			$tab_array[0] = array(gettext("Configuration"), true, "vpn_l2tp.php");
291			$tab_array[1] = array(gettext("Users"), false, "vpn_l2tp_users.php");
292	748cbea6	Sander van Leeuwen	display_top_tabs($tab_array);
293	61144c9b	Sander van Leeuwen	?>
294
295			<div class="panel panel-default">
296			<div class="panel-heading">
297			<h2 class="panel-title"><?=gettext('Enable L2TP'); ?></h2>
298			</div>
299
300			<div class="panel-body">
301			<div class="form-group">
302			<div class="col-sm-10">
303			<label>
304			<input name="mode" type="radio" onclick="enable_change(false)" value="off" <?php if (($pconfig['mode'] != "server") && ($pconfig['mode'] != "redir")) echo "checked=\"checked\""?> />
305			<?=gettext("Off")?>
306			</label>
307			<label>
308			<input type="radio" name="mode" value="server" onclick="enable_change(false)" <?php if ($pconfig['mode'] == "server") echo "checked=\"checked\""?> />
309			<?=gettext("Enable L2TP server")?>
310			</label>
311			</div>
312			</div>
313			</div>
314			</div>
315
316			<div class="panel panel-default">
317			<div class="panel-heading">
318			<h2 class="panel-title"><?=gettext('Configuration'); ?></h2>
319			</div>
320
321			<div class="panel-body">
322			<div class="form-group">
323			<label for="interface" class="col-sm-2 control-label"><?=gettext("Interface")?></label>
324			<div class="col-sm-2">
325			<select class="form-control" name="interface" class="formselect" id="interface">
326			<?php
327			$interfaces = get_configured_interface_with_descr();
328			foreach ($interfaces as $iface => $ifacename): ?>
329			<option value="<?=$iface?>" <?php if ($iface == $pconfig['interface']) echo "selected=\"selected\""?>>
330			<?=htmlspecialchars($ifacename)?>
331			</option>
332			<?php endforeach?>
333			</select>
334			</div>
335			</div>
336			<div class="form-group">
337			<label for="localip" class="col-sm-2 control-label"><?=gettext("Server Address")?></label>
338			<div class="col-sm-10">
339			<?=$mandfldhtml?><input name="localip" type="text" class="form-control formfld unknown" id="localip" size="20" value="<?=htmlspecialchars($pconfig['localip'])?>" />
340
341			<span class="help-block">
342			<?=gettext("Enter the IP address the L2TP server should give to clients for use as their \"gateway\"")?>.
343			<br />
344			<?=gettext("Typically this is set to an unused IP just outside of the client range")?>.
345			<br />
346			<br />
347			<?=gettext("NOTE: This should NOT be set to any IP address currently in use on this firewall")?>.
348			</span>
349			</div>
350			</div>
351
352			<div class="form-group">
353			<label for="remoteip" class="col-sm-2 control-label"><?=gettext("Remote Address Range")?></label>
354			<div class="col-sm-10">
355			<?=$mandfldhtml?><input name="remoteip" type="text" class="form-control formfld unknown" id="remoteip" size="20" value="<?=htmlspecialchars($pconfig['remoteip'])?>" />
356			<span class="help-block">
357			<?=gettext("Specify the starting address for the client IP address subnet.")?>
358			</span>
359			</div>
360			</div>
361
362			<div class="form-group">
363			<label for="l2tp_subnet" class="col-sm-2 control-label"><?=gettext("Subnet Mask")?></label>
364			<div class="col-sm-2">
365			<select id="l2tp_subnet" name="l2tp_subnet" class="form-control">
366			<?php
367			for($x=0; $x<33; $x++) {
368			if($x == $pconfig['l2tp_subnet'])
369			$SELECTED = " selected=\"selected\"";
370			else
371			$SELECTED = "";
372			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
373			}
374			?>
375			</select>
376			<span class="help-block">
377			<?=gettext("Hint:")?> 24 <?=gettext("is")?> 255.255.255.0
378			</span>
379			</div>
380			</div>
381
382			<div class="form-group">
383			<label for="n_l2tp_units" class="col-sm-2 control-label"><?=gettext("Number of L2TP users")?></label>
384			<div class="col-sm-2">
385			<select id="n_l2tp_units" name="n_l2tp_units" class="form-control">
386	5656fe23	Ermal Lu?i	<?php
387	61144c9b	Sander van Leeuwen	for($x=0; $x<255; $x++) {
388			if($x == $pconfig['n_l2tp_units'])
389			$SELECTED = " selected=\"selected\"";
390			else
391			$SELECTED = "";
392			echo "<option value=\"{$x}\"{$SELECTED}>{$x}</option>\n";
393			}
394	5656fe23	Ermal Lu?i	?>
395	61144c9b	Sander van Leeuwen	</select>
396			<span class="help-block">
397			<?=gettext("Hint:")?> 10 <?=gettext("is ten L2TP clients")?>
398			</span>
399			</div>
400			</div>
401
402			<div class="form-group">
403			<label for="secret" class="col-sm-2 control-label"><?=gettext("Secret")?></label>
404			<div class="col-sm-10">
405			<input type="password" name="secret" id="secret" class="formfld pwd form-control" value="<?=htmlspecialchars($pconfig['secret'])?>" />
406			<span class="help-block">
407			<?=gettext("Specify optional secret shared between peers. Required on some devices/setups.")?>
408			</span>
409			</div>
410			</div>
411
412			<div class="form-group">
413			<label for="paporchap" class="col-sm-2 control-label"><?=gettext("Authentication Type")?></label>
414			<div class="col-sm-2">
415			<?=$mandfldhtml?><select name="paporchap" id="paporchap" class="form-control">
416			<option value='chap'<?php if($pconfig['paporchap'] == "chap") echo " selected=\"selected\""?>><?=gettext("CHAP")?></option>
417			<option value='pap'<?php if($pconfig['paporchap'] == "pap") echo " selected=\"selected\""?>><?=gettext("PAP")?></option>
418			</select>
419			<span class="help-block">
420			<?=gettext("Specifies which protocol to use for authentication.")?>
421			</span>
422			</div>
423			</div>
424
425			<div class="form-group">
426			<label for="l2tp_dns1" class="col-sm-2 control-label"><?=gettext("L2TP DNS Servers")?></label>
427			<div class="col-sm-10">
428			<?=$mandfldhtml?><input name="l2tp_dns1" type="text" class="formfld unknown form-control" id="l2tp_dns1" size="20" value="<?=htmlspecialchars($pconfig['l2tp_dns1'])?>" />
429			<input name="l2tp_dns2" type="text" class="formfld unknown form-control" id="l2tp_dns2" size="20" value="<?=htmlspecialchars($pconfig['l2tp_dns2'])?>" />
430			<span class="help-block">
431			<?=gettext("primary and secondary DNS servers assigned to L2TP clients")?>
432			</span>
433			</div>
434			</div>
435
436			<div class="form-group">
437			<label for="wins" class="col-sm-2 control-label"><?=gettext("WINS Server")?></label>
438			<div class="col-sm-10">
439			<input name="wins" class="formfld unknown form-control" id="wins" size="20" value="<?=htmlspecialchars($pconfig['wins'])?>" />
440			</div>
441			</div>
442			</div>
443			</div>
444
445			<div class="panel panel-default">
446			<div class="panel-heading">
447			<h2 class="panel-title"><?=gettext('RADIUS'); ?></h2>
448			</div>
449
450			<div class="panel-body">
451			<div class="form-group">
452	44fb6286	Chris Buechler	<label for="radiusenable" class="col-sm-2 control-label"><?=gettext('RADIUS Authentication')?></label>
453	61144c9b	Sander van Leeuwen	<div class="col-sm-10 checkbox">
454			<label>
455			<input name="radiusenable" type="checkbox" id="radiusenable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radiusenable']) echo "checked=\"checked\""?> />
456			<?=gettext("Use a RADIUS server for authentication")?>
457			</label>
458			<span class="help-block">
459			<?=gettext("When set, all users will be authenticated using the RADIUS server specified below. The local user database will not be used.")?>
460			</span>
461			</div>
462			</div>
463			<div class="form-group">
464	44fb6286	Chris Buechler	<label for="radacct_enable" class="col-sm-2 control-label"><?=gettext('RADIUS Accounting')?></label>
465	61144c9b	Sander van Leeuwen	<div class="col-sm-10 checkbox">
466			<label>
467			<input name="radacct_enable" type="checkbox" id="radacct_enable" onclick="enable_change(false)" value="yes" <?php if ($pconfig['radacct_enable']) echo "checked=\"checked\""?> />
468			<?=gettext("Enable RADIUS accounting")?>
469			</label>
470			<span class="help-block">
471			<?=gettext("Sends accounting packets to the RADIUS server.")?>
472			</span>
473			</div>
474			</div>
475
476			<div class="form-group">
477			<label for="radiusserver" class="col-sm-2 control-label"><?=gettext("RADIUS Server")?></label>
478			<div class="col-sm-10">
479			<input name="radiusserver" type="text" class="formfld unknown form-control" id="radiusserver" size="20" value="<?=htmlspecialchars($pconfig['radiusserver'])?>" />
480			<span class="help-block">
481			<?=gettext("Enter the IP address of the RADIUS server.")?>
482			</span>
483			</div>
484			</div>
485			<div class="form-group">
486			<label for="radiussecret" class="col-sm-2 control-label"><?=gettext("RADIUS Shared Secret")?></label>
487			<div class="col-sm-10">
488			<input name="radiussecret" type="password" class="formfld pwd form-control" id="radiussecret" size="20" value="<?=htmlspecialchars($pconfig['radiussecret'])?>" />
489			<span class="help-block">
490			<?=gettext("Enter the shared secret that will be used to authenticate to the RADIUS server.")?>
491			</span>
492			</div>
493			</div>
494
495			<div class="form-group">
496	44fb6286	Chris Buechler	<label for="radiusissueips" class="col-sm-2 control-label"><?=gettext("RADIUS Issued IPs")?></label>
497	61144c9b	Sander van Leeuwen	<div class="col-sm-10 checkbox">
498			<label>
499			<input name="radiusissueips" value="yes" type="checkbox" class="formfld" id="radiusissueips"<?php if(isset($pconfig['radiusissueips'])) echo " checked=\"checked\""?> />
500			<?=gettext("Issue IP Addresses via RADIUS server.")?>
501			</label>
502			</div>
503			</div>
504			</div>
505			</div>
506
507	c4a7740d	Sander van Leeuwen	<?php
508			// TODO: Is it possible to detect available rules and only show warning if there are no (relevant) rules set?
509			?>
510	61144c9b	Sander van Leeuwen	<div class="alert alert-danger">
511			<strong><?=gettext("Note:")?></strong> <?=gettext("Don't forget to add a firewall rule to permit traffic from L2TP clients!")?>
512			</div>
513
514			<div class="col-sm-10 col-sm-offset-2">
515			<input id="submit" name="Submit" type="submit" class="btn btn-primary" value="<?=gettext("Save")?>" onclick="enable_change(true)" />
516			</div>
517	5656fe23	Ermal Lu?i	</form>
518
519			<script type="text/javascript">
520	d28502be	Colin Fleming	//<![CDATA[
521	5656fe23	Ermal Lu?i	enable_change(false);
522	d28502be	Colin Fleming	//]]>
523	5656fe23	Ermal Lu?i	</script>
524
525	61144c9b	Sander van Leeuwen	<?php include("foot.inc")?>

Project

General

Profile

pfSense