[xl2tpd] * updated documentation
Paul Wouters
pwouters at fedoraproject.org
Thu Jul 19 15:02:31 UTC 2012
commit c23582bf101439c0e41398f7fd84a2f4d6aa122b
Author: Paul Wouters <pwouters at redhat.com>
Date: Thu Jul 19 11:02:15 2012 -0400
* updated documentation
xl2tpd-1.3.1-conf.patch | 33 ++++++++++++++++++++++++++++++++-
xl2tpd.spec | 8 +++++++-
2 files changed, 39 insertions(+), 2 deletions(-)
---
diff --git a/xl2tpd-1.3.1-conf.patch b/xl2tpd-1.3.1-conf.patch
index 7c240fc..f7e2710 100644
--- a/xl2tpd-1.3.1-conf.patch
+++ b/xl2tpd-1.3.1-conf.patch
@@ -1,7 +1,7 @@
diff -Naur xl2tpd-1.3.1-orig/examples/chapsecrets.sample xl2tpd-1.3.1/examples/chapsecrets.sample
--- xl2tpd-1.3.1-orig/examples/chapsecrets.sample 2011-10-06 15:22:05.000000000 -0400
+++ xl2tpd-1.3.1/examples/chapsecrets.sample 2012-06-12 12:08:26.850851970 -0400
-@@ -1,7 +1,9 @@
+@@ -1,7 +1,10 @@
-# Secrets for authentication using CHAP
-# client server secret IP addresses
-jacco * "mysecret" 192.168.1.128/25
@@ -10,6 +10,7 @@ diff -Naur xl2tpd-1.3.1-orig/examples/chapsecrets.sample xl2tpd-1.3.1/examples/c
-* sam "rumpelstiltskin" 192.168.1.5
-
+# Secrets for authentication on server using CHAP
++# See /etc/ppp/options.xl2tpd on how to use Windows authentication
+# client server secret IP addresses
+jacco * "mysecret" 192.168.1.128/25 # Dynamic IP
+sam * "rumpelstiltskin" 192.168.1.5 # Static IP
@@ -61,3 +62,33 @@ diff -Naur xl2tpd-1.3.1-orig/examples/xl2tpd.conf xl2tpd-1.3.1/examples/xl2tpd.c
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
+diff -aur xl2tpd-1.3.1-orig/examples/ppp-options.xl2tpd xl2tpd-1.3.1/examples/ppp-options.xl2tpd
+--- xl2tpd-1.3.1-orig/examples/ppp-options.xl2tpd 2011-10-06 15:22:05.000000000 -0400
++++ xl2tpd-1.3.1/examples/ppp-options.xl2tpd 2012-07-19 10:54:13.810503823 -0400
+@@ -1,9 +1,10 @@
+ ipcp-accept-local
+ ipcp-accept-remote
+-ms-dns 192.168.1.1
+-ms-dns 192.168.1.3
+-ms-wins 192.168.1.2
+-ms-wins 192.168.1.4
++ms-dns 8.8.8.8
++# ms-dns 192.168.1.1
++# ms-dns 192.168.1.3
++# ms-wins 192.168.1.2
++# ms-wins 192.168.1.4
+ noccp
+ auth
+ crtscts
+@@ -15,3 +16,11 @@
+ lock
+ proxyarp
+ connect-delay 5000
++# To allow authentication against a Windows domain EXAMPLE, and require the
++# user to be in a group "VPN Users". Requires the samba-winbind package
++# require-mschap-v2
++# plugin winbind.so
++# ntlm_auth-helper '/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 --require-membership-of="EXAMPLE\\VPN Users"'
++# You need to join the domain on the server, for example using samba:
++# http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients-lucid.html
++
diff --git a/xl2tpd.spec b/xl2tpd.spec
index d135674..133f4ed 100644
--- a/xl2tpd.spec
+++ b/xl2tpd.spec
@@ -1,7 +1,7 @@
Summary: Layer 2 Tunnelling Protocol Daemon (RFC 2661)
Name: xl2tpd
Version: 1.3.1
-Release: 9%{?dist}
+Release: 10%{?dist}
License: GPL+
Url: http://www.xelerance.com/software/xl2tpd/
Group: System Environment/Daemons
@@ -15,6 +15,8 @@ Patch4: xl2tpd-1.3.1-conf.patch
Patch5: xl2tpd-1.3.1-pty.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: ppp >= 2.4.5-18, kernel-modules-extra
+# If you want to authenticate against a Microsoft PDC/Active Directory
+# Requires: samba-winbind
BuildRequires: libpcap-devel
BuildRequires: systemd-units
Requires(post): systemd-sysv
@@ -120,6 +122,10 @@ fi
%ghost %attr(0600,root,root) %{_localstatedir}/run/xl2tpd/l2tp-control
%changelog
+* Thu Jul 19 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-10
+- Updated comments in config files on how to authenticate against
+ a Windows PDC / Active Directory
+
* Tue Jul 03 2012 Paul Wouters <pwouters at redhat.com> - 1.3.1-9
- Rename non-existing openswan.service to ipsec.service (rhbz#836783)
- Start after ipsec.service, but do not require it
More information about the scm-commits
mailing list