From owner-freebsd-net@FreeBSD.ORG  Mon Mar 18 17:23:19 2013
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 89AD8CAC
 for <freebsd-net@freebsd.org>; Mon, 18 Mar 2013 17:23:19 +0000 (UTC)
 (envelope-from lists@rewt.org.uk)
Received: from abby.lhr1.as41113.net (hosted.mx.as41113.net [91.208.177.22])
 by mx1.freebsd.org (Postfix) with ESMTP id 38A3DAEC
 for <freebsd-net@freebsd.org>; Mon, 18 Mar 2013 17:23:18 +0000 (UTC)
Received: from [172.16.8.72] (bella.stf.rewt.org.uk [91.208.177.62])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 (Authenticated sender: lists@rewt.org.uk)
 by abby.lhr1.as41113.net (Postfix) with ESMTPSA id 3ZV43n055Gz1G1;
 Mon, 18 Mar 2013 17:23:16 +0000 (UTC)
Message-ID: <51474D7D.2030107@rewt.org.uk>
Date: Mon, 18 Mar 2013 17:23:09 +0000
From: Joe Holden <lists@rewt.org.uk>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Yoann Gini <yoann.gini@gmail.com>
Subject: Re: mpd5 and multiple route to send to clients
References: <9EC8E2D3-A52B-4FF1-B840-3D962DF8D917@gmail.com>
 <514665CD.80809@rewt.org.uk> <DA89EA18-0F70-4051-9368-5383F96E8D00@gmail.com>
In-Reply-To: <DA89EA18-0F70-4051-9368-5383F96E8D00@gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
Cc: freebsd-net@freebsd.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Mar 2013 17:23:19 -0000

Yoann Gini wrote:
> Hi,
> 
> Thank you for your answer.
> 
> Le 18 mars 2013 à 01:54, Joe Holden <lists@rewt.org.uk> a écrit :
> 
>> If you're using radius, see 'framed-route'... if not, see external auth
> 
> Well, that’s a unexpected answer, I will never think to set that information in the Radius server instead of the VPN server…
> 
> That’s the only way to do that with mpd5 ? For example, on OS X Server we use vpnd who is able to manage route by itself…
> 
> Nevertheless, I try your recommendations and on the users file of my FreeRadius config I’ve that config:
> 
> DEFAULT Auth-Type := ldap
>         Framed-Protocol = PPP,
>         Framed-Route = "10.42.0.0/23 10.42.1.1 1",
>         Fall-Through = 1
> 
> Based on what I’ve seen on different examples. It don’t work. I can’t see this route on my client. What’s wrong with my setup?
> 
The radius entry tells the NAS (mpd in this case) to add a route towards 
the client, the route/ip will still need to be configured on the client 
side, do you see a correct entry on the NAS? (route -n get 10.42.0.0/23)

> Y.