Dain Bentley wrote: > I'd love a copy! Thanks >
+1 > On Friday, March 27, 2015, Brian S. Vangsgaard <b...@avalanic.dk> wrote: > > > Hi, > > > > for the talk he gave at BSDCan IIRC. I don't need to use RADIUS just > a > >> local authentication database. It is in the base and it seems very > easy > >> to configure. > >> > > > > It is. > > > > Is anybody running similar setup in production? Any caveats? Any > other > >> advises before I take a plunge. > >> > > > > Yes I am, with Windows, Mac, Linux and OpenBSD clients connecting. > > > > Very easy to configure (linux being the exception :p). > > > > You only need to change npppd.conf, npppd-users and ipsec.conf and you > are > > in business. > > > > I wrote an up-to-date guide on how to do it, let me know if you want a > > copy. > > > > Caveats... yes. > > I'm currently seeing issues with some clients (might be a client > software > > issue) sending multiple connect requests. I also got a very useful answer off the list. I am just going to quote a snipet [quote] You???ll have problems with NAT-T and clients coming from the same NAT-address. This problem is worked out currently. [/quote] I will post my configuration once when I am done but this topic seems to beg for an updated undeadly article. Thanks to everyone who responded to this thread! PredraG > > The ip-address reserved for the client is being assigned to the first > > request, but it seems like the last request "wins", but alas! no > ip-address > > available (since it was assigned to the first request). > > > > But then again, I have some Windows clients connected for more than 2 > > weeks non-stop, before they disconnect (prob. a Windows update wanting > to > > reboot ;) ). > > > > > > -- > > bsv
