L2TP, RADIUS, RFC 2809

2010-12-01
2013-03-27
  • Crypto Gnome

    Crypto Gnome - 2010-12-01

    Looking through the Manual for 5.5 it looks as if MPD has everything we need to dynamically tunnel-switch L2TP sessions, *EXCEPT* that it does not support RFC 2809 (l2tp compulsory tunnelling via RADIUS) and the tunnel-attributes in a RADIUS access-response.

    Is there a developer who would be interested in coding the required changes and can you give me an estimate of the required time (and your hourly rate)?

     
  • Alexander Motin

    Alexander Motin - 2010-12-01

    MPD 5 supports compulsory tunneling alike to described in RFC 2809 "4.2. Dual authentication" paragraph. When RADIUS server returns authentication result to MPD, it can use mpd-action Vendor-Specific RADIUS attribute to specify either local call termination using "bundle XXX" attribute value, where XXX is some configured bundle (or bundle template) name, or call forwarding using "forward YYY" value, where YYY is a name of link (or link template), configured for making outgoing calls. It last case MPD will not sent authentication result to client, but instead will forward call to tunneling server using specified link.

    One thing MPD doesn't implement in this case is LCP parameters forwarding. It will require tunnel server to redo all LCP negotiation sequence from the beginning.

     
  • Crypto Gnome

    Crypto Gnome - 2010-12-01

    Yes, so it's essentially "the same sort of thing as" but it's not quite the same (specifically, *some* parts have to be configured manually rather than being 100% RADIUS driven).

    So the obvious question is are there any developers out there interested in developing said feature on a $ basis, presumably while we're cutting code we may as well also LCP param forwarding as well, and I'm sure there will be "more things" turning up in interoperability testing.

     
  • Alexander Motin

    Alexander Motin - 2010-12-01

    I'll be very busy next months, but if somebody else wants to take it - welcome. I'll try to help with some comments if needed. If result will be fine, I'll be glad to import it to the next version.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks