L2TP and multiple interfaces on the machine

Question

We have setup ipsec and l2tp on linux. One question came up (due to firewall management policy) is whether it's possible to have 1 virtual interface instead of one per connected client.
Now we have:
ppp0 serverip clientip1 ppp1 serverip clientip2

Want to have:
l2tp_tun serverip serverip
like with OpenVPN's tun interfaces and then to be able to push IP address and route to each client.

I am not particularly familiar with OpenVPN or if this is what you are trying to acheive, but would it not be possible to offer a ppp ip address assignment using pppd on the other end? — Matthew Ife, Nov 25 '11 at 00:37
it seems as long as we have to use ppp with l2tp stack we are forced with 1 virtual interface per connection — Alex, Nov 25 '11 at 04:05
Yeah but PPPD allows you to assign the ppp endpoint a particular IP address, so you can setup ip address assignment in pppd. — Matthew Ife, Nov 25 '11 at 07:43
as I said in the main question: we need 1 interface on server-side but PPPD seems to create a new interface for every new connection — Alex, Nov 25 '11 at 08:02

score 2 · Accepted Answer · answered Dec 09 '11 at 03:46

2

You can use the interface name ppp+ in iptables rules to match all interfaces starting with the name ppp. This ought to suit your needs.

answered Dec 09 '11 at 03:46

MikeyB

39,291
10
105
189

not quite what is needed but it will have to do the trick. will it also match, say, ppp15? – Alex Dec 09 '11 at 10:34
Yes, `ppp15` starts with `ppp`. – MikeyB Dec 09 '11 at 16:53

L2TP and multiple interfaces on the machine

1 Answers1