Environment variables to define ip-range and static ips

[almico]

Checklist

• [x] I searched existing Issues, and did not find a similar enhancement request
• [x] This enhancement request is about the VPN setup scripts, and not IPsec VPN itself
• [x] I read the README
• [x] I read the Important notes
• [x] I followed instructions to configure VPN clients
• [x] I checked Troubleshooting and VPN status

Describe the enhancement request I would like to have environment variables to define:

• per-user static IPs
• a different IP range, like in ip range = 192.168.42.100-192.168.42.250

Is your enhancement request related to a problem? Please describe. In a setup where the physical server acts also as a router, I would like to allow specific VPN users (via their statically assigned VPN IP) to access the outside world and / or the local network. I would like to achieve this relying only on environment variables.

Additional context Nothing.

[letoams]

On Mon, 17 Jan 2022, almico wrote:

Describe the enhancement request I would like to have environment variables to define:

• per-user static IPs

This is not yet supported directly by libreswan, although planned. And you can work around it by certificate ID wildcard matching.

• a different IP range, like in ip range = 192.168.42.100-192.168.42.250

Like here. I'm not sure if this project supports it, but you can create two conns that only differ in name, addresspool and rightid= wildcard matching.

Note that libreswan does not pass anything via env variables.

Paul

[almico]

Ouch! I started digging the documentation on the "docker-ipsec-vpn-server". I fear I didn't notice there was some cross-reference, thus I ended up opening this issue here, but it makes more sense on the other page. I'm sorry for that!