Option added to enforce a configured destination address for DHCP packets

author: Tobias Brunner <tobias@strongswan.org> 2012-07-05 19:06:44 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2012-09-13 10:59:24 +0200
commit: bc6ec4de7314885d2725bccc186a527bda37c2bc (patch)
tree: 32547ba31e77992a4e8bd166974caa2f3880a096 /man/strongswan.conf.5.in
parent: 493f85b696ee74747c1d962007dcb26b2f95e15e (diff)
download: strongswan-bc6ec4de7314885d2725bccc186a527bda37c2bc.tar.bz2
strongswan-bc6ec4de7314885d2725bccc186a527bda37c2bc.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in
index 70149bce7..4f30c42f0 100644
--- a/man/strongswan.conf.5.in
+++ b/man/strongswan.conf.5.in
@@ -323,6 +323,14 @@ Hashing algorithm to fingerprint coupled certificates
 .BR charon.plugins.coupling.max " [1]"
 Maximum number of coupling entries to create
 .TP
+.BR charon.plugins.dhcp.force_server_address " [no]"
+Always use the configured server address. This might be helpful if the DHCP
+server runs on the same host as strongSwan, and the DHCP daemon does not listen
+on the loopback interface.  In that case the server cannot be reached via
+unicast (or even 255.255.255.255) as that would be routed via loopback.
+Setting this option to yes and configuring the local broadcast address (e.g.
+192.168.0.255) as server address might work.
+.TP
 .BR charon.plugins.dhcp.identity_lease " [no]"
 Derive user-defined MAC address from hash of IKEv2 identity
 .TP
author	Tobias Brunner <tobias@strongswan.org>	2012-07-05 19:06:44 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2012-09-13 10:59:24 +0200
commit	bc6ec4de7314885d2725bccc186a527bda37c2bc (patch)
tree	32547ba31e77992a4e8bd166974caa2f3880a096 /man/strongswan.conf.5.in
parent	493f85b696ee74747c1d962007dcb26b2f95e15e (diff)
download	strongswan-bc6ec4de7314885d2725bccc186a527bda37c2bc.tar.bz2 strongswan-bc6ec4de7314885d2725bccc186a527bda37c2bc.tar.xz