L2TP Server - Adding a routed subnet to users

mstevenson86 · Jul 20, 2022, 10:44 AM

Hi,

I have a /24 public subnet announced via a BGP to a cloud-hosted pfsense instance.

I connect to this instance via L2TP and have to manually add a static route when the tunnel is connected to 'push' a /28 block of these addresses to the client.

I can assign a single IP address to the user, but was wondering if an awesome dev could also add the option to assign an IP block to the connection with the route being automatically added to the routing table upon connection. (route add $block $ipaddress)... something to that effect?

stephenw10 · Jul 28, 2022, 6:40 PM

Like this? https://redmine.pfsense.org/issues/13099

mstevenson86 · Jul 28, 2022, 7:36 PM

@stephenw10 Close, but that is for static routes from the Client to the Server, I was looking at adding static routes from server to Client. I have a workaround for now, I added the bold text to /usr/local/sbin/vpn-linkup-l2tp

/usr/local/sbin/vpn-linkup l2tps $1 $2 $3 $4 $5
/usr/local/bin/php-cgi -q /usr/local/sbin/vpn-linkup-l2tp-route $1
route add 44.31.a.a/28 44.31.b.b

Address ending a.a is the route I would like to push to the L2TP user with the assigned address ending in b.b

The script is run everytime a L2TP Client connects, so I can add more routes and it'll just add the routes for connected clients that don't already have routes in the table.

stephenw10 · Jul 28, 2022, 9:12 PM

Ah, OK. Then I'd create it as a feature request in Redmine.