Hi
I need to assign a static ip for PPTP VPN Clients.
I already tried use /etc/ppp/chap-secrets, but it didn't work because PPTP use ldap and not chap-secrets.
Someone can help ?
I need to assign a static ip for PPTP VPN Clients.
I already tried use /etc/ppp/chap-secrets, but it didn't work because PPTP use ldap and not chap-secrets.
Someone can help ?
In PPTP Server
Share this post:
Accepted Answer
I can't remember the location of the file. Something like /var/lib/openvpn/ipp.txt. Have a look in /etc/clearos/clients.conf. It has one line pointing to the file. Normally OpenVPN builds this file by itself as new clients connect and it uses this to try to give the same IP to the same client. From memory it uses the username from the certificate and an IP. The IP's increment by 4 every time. If you want to guarantee fixed IP's (mine don't seem to move) you can set the immutable bit on the file (chattr +I filename) so the system can't update it. There is no harm doing that. I believe it is the recommended way. You'd need to remove the immutable bit every time you wanted to edit the file to add a new host.
Responses (3)
-
Accepted Answer
Hi Carlos,
I had a sudden thought and there is a better way to handle IP persistence in /var/lib/openvpn/ipp.txt. In /etc/openvpn/clients.conf, change the number at the end of the ifconfig-pool-persist line (120) to 0. OpenVPN should then treat the file as read-only. See the man pages here. -
Accepted Answer
-
Accepted Answer
I think the question was asked a few years ago and there was no answer then.
Can I make my usual point? These days even Micro$oft, who created the protocol, no longer recommend you use it as its security is easily broken. OpenVPN is a more secure solution and you can assign static IP's. If you require auto-login on start up (so no user/pass authentication, relying on certificates only), this is also easy to set up although not through the ClearOS webconfig.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »