# FreeBSD interoperability with Cisco VPN Concentrator 3000 Series
# By James Flemer <jflemer@alum.rpi.edu>
# http://www.cs.rpi.edu/~flemej/fbsd-cisco-vpn/
#
# VPN Concentrator:
#   public IP:  192.168.0.2
#   private IP: 10.0.0.2
#
# Client
#   public IP:  192.168.2.42
#   tunnel:     10.0.2.43(*) <--> 192.168.0.2
#
# (*) Assumed. This will probably be dynamic.
#
# The RPI configurations should just work for the RPI wireless VPN.
# Comment out the "load ciscovpn" and uncomment the "load rpi".
#

default:
	load ciscovpn
#	load rpi

ciscovpn:
	new -i ng0 ciscovpn pptp192
	set bundle authname "grenel"
	set ipcp ranges 10.0.2.42/8 192.168.0.2/16
	set iface up-script /usr/local/etc/mpd/ciscovpn-iface-up.sh
	load ciscopptp
	open

rpivpn:
	new -i ng1 rpivpn pptprpi
	set bundle authname "rcsid"
	set ipcp ranges 10.0.0.1/22 192.168.254.253/22
	set iface up-script /usr/local/etc/mpd/rpi-iface-up.sh
	set link mtu 1460
	load ciscopptp
	open

ciscopptp:
#	log -bund -lcp -auth -ipcp -ccp
	set bundle disable compression encryption
	set bundle no crypt-reqd
	set iface idle 0
	set ipcp disable vjcomp
	set ipcp enable req-pri-dns req-sec-dns
#	set link mtu 1460
	set link max-redial 1
	set link keep-alive 0 0
	set link disable pap chap
	set link disable acfcomp protocomp