From 01ef1930dc8bdf7fef3f5f367f8efef71cb95ebb Mon Sep 17 00:00:00 2001 From: gurligebis Date: Tue, 24 Jan 2017 21:49:19 +0000 Subject: [PATCH] ipsec: implement web ui for eap-radius --- src/www/vpn_ipsec_phase1.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/www/vpn_ipsec_phase1.php b/src/www/vpn_ipsec_phase1.php index e3dfa9de1..ed905eb68 100644 --- a/src/www/vpn_ipsec_phase1.php +++ b/src/www/vpn_ipsec_phase1.php @@ -170,6 +170,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $pconfig['peerid_data'] = ""; } + /* RADIUS server means no CA being sent */ + if ($pconfig['authentication_method'] == "eap-radius") { + $pconfig['caref'] = ""; + } + /* input validation */ $method = $pconfig['authentication_method']; @@ -178,6 +183,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { switch ($method) { case "eap-tls": case "eap-mschapv2": + case "eap-radius": if ($pconfig['iketype'] != 'ikev2') { $input_errors[] = sprintf(gettext("%s can only be used with IKEv2 type VPNs."), strtoupper($method)); } @@ -461,6 +467,12 @@ include("head.inc"); $(".auth_eap_tls_caref").show(); $(".auth_eap_tls_caref :input").prop( "disabled", false ); break; + case 'eap-radius': + $(".auth_eap_tls").show(); + $(".auth_eap_tls :input").prop( "disabled", false ); + $(".auth_eap_tls_caref").hide(); + $(".auth_eap_tls_caref :input").prop( "disabled", true ); + break; case 'pre_shared_key': if ($("#mobile").val() == undefined) { $(".auth_psk").show(); @@ -697,7 +709,8 @@ include("head.inc"); ?>