vpn_ipsec_mobile.php 23.1 KB
Newer Older
Ad Schellevis's avatar
Ad Schellevis committed
1
<?php
2

Ad Schellevis's avatar
Ad Schellevis committed
3
/*
4
	Copyright (C) 2014-2015 Deciso B.V.
Ad Schellevis's avatar
Ad Schellevis committed
5 6
	Copyright (C) 2008 Shrew Soft Inc
	All rights reserved.
7

Ad Schellevis's avatar
Ad Schellevis committed
8 9
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
10

Ad Schellevis's avatar
Ad Schellevis committed
11 12
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
13

Ad Schellevis's avatar
Ad Schellevis committed
14 15 16
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
17

Ad Schellevis's avatar
Ad Schellevis committed
18 19 20 21 22 23 24 25 26 27 28 29
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/

30
require_once("interfaces.inc");
31
require_once("guiconfig.inc");
32
require_once("filter.inc");
Ad Schellevis's avatar
Ad Schellevis committed
33
require_once("vpn.inc");
34
require_once("services.inc");
35
require_once("pfsense-utils.inc");
Ad Schellevis's avatar
Ad Schellevis committed
36

37
if (!isset($config['ipsec']) || !is_array($config['ipsec'])) {
38
    $config['ipsec'] = array();
39
}
40

41
if (!isset($config['ipsec']['phase1'])) {
42
    $config['ipsec']['phase1'] = array();
43
}
Ad Schellevis's avatar
Ad Schellevis committed
44

45
if (!isset($config['ipsec']['client'])) {
46
    $config['ipsec']['client'] = array();
47
}
Ad Schellevis's avatar
Ad Schellevis committed
48

49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
// define formfields
$form_fields = "user_source,group_source,pool_address,pool_netbits,net_list
,save_passwd,dns_domain,dns_split,dns_server1,dns_server2,dns_server3
,dns_server4,wins_server1,wins_server2,pfs_group,login_banner";

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $pconfig = array();
    // defaults
    $pconfig['pool_netbits'] = 24;

    // copy / initialize $pconfig attributes
    foreach (explode(",",$form_fields) as $fieldname) {
      $fieldname = trim($fieldname);
      if(isset($config['ipsec']['client'][$fieldname])) {
        $pconfig[$fieldname] = $config['ipsec']['client'][$fieldname];
      } elseif (!isset($pconfig[$fieldname])) {
        // initialize element
        $pconfig[$fieldname] = null;
      }
68
    }
69 70
    if (isset($config['ipsec']['client']['enable'])) {
        $pconfig['enable'] = true;
71
    }
72 73
    if (isset($config['ipsec']['client']['net_list'])) {
        $pconfig['net_list'] = true;
74 75
    }

76 77
    if (isset($config['ipsec']['client']['save_passwd'])) {
        $pconfig['save_passwd'] = true;
78
    }
79 80
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $input_errors = array();
81
    $pconfig = $_POST;
82 83 84 85 86 87 88
    if (isset($_POST['create'])) {
        // create new phase1 entry
        header("Location: vpn_ipsec_phase1.php?mobile=true");
    } elseif (isset($_POST['apply'])) {
        // apply changes
        $retval = 0;
        $retval = vpn_ipsec_configure();
89
        $savemsg = get_std_save_message();
90 91 92 93 94 95 96
        if ($retval >= 0) {
            if (is_subsystem_dirty('ipsec')) {
                clear_subsystem_dirty('ipsec');
            }
        }
    } elseif (isset($_POST['submit'])) {
        // save form changes
Ad Schellevis's avatar
Ad Schellevis committed
97

98 99 100 101
        // input preparations
        if (!empty($pconfig['user_source'])) {
            $pconfig['user_source'] = implode(",", $pconfig['user_source']);
        }
Ad Schellevis's avatar
Ad Schellevis committed
102

103 104 105 106
        /* input validation */
        $reqdfields = explode(" ", "user_source group_source");
        $reqdfieldsn =  array(gettext("User Authentication Source"),gettext("Group Authentication Source"));
        do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
Ad Schellevis's avatar
Ad Schellevis committed
107

108
        if (!empty($pconfig['pool_address']) && !is_ipaddr($pconfig['pool_address'])) {
109 110 111
            $input_errors[] = gettext("A valid IP address for 'Virtual Address Pool Network' must be specified.");
        }

112
        if (!empty($pconfig['dns_domain']) && !is_domain($pconfig['dns_domain'])) {
113 114 115 116 117 118 119 120 121 122 123 124 125
            $input_errors[] = gettext("A valid value for 'DNS Default Domain' must be specified.");
        }

        if (!empty($pconfig['dns_split'])) {
            $domain_array=preg_split("/[ ,]+/", $pconfig['dns_split']);
            foreach ($domain_array as $curdomain) {
                if (!is_domain($curdomain)) {
                    $input_errors[] = gettext("A valid split DNS domain list must be specified.");
                    break;
                }
            }
        }

126
        if (!empty($pconfig['dns_server1']) && !is_ipaddr($pconfig['dns_server1'])) {
127 128
            $input_errors[] = gettext("A valid IP address for 'DNS Server #1' must be specified.");
        }
129
        if (!empty($pconfig['dns_server2']) && !is_ipaddr($pconfig['dns_server2'])) {
130 131
            $input_errors[] = gettext("A valid IP address for 'DNS Server #2' must be specified.");
        }
132
        if (!empty($pconfig['dns_server3']) && !is_ipaddr($pconfig['dns_server3'])) {
133 134
            $input_errors[] = gettext("A valid IP address for 'DNS Server #3' must be specified.");
        }
135
        if (!empty($pconfig['dns_server4']) && !is_ipaddr($pconfig['dns_server4'])) {
136 137 138
            $input_errors[] = gettext("A valid IP address for 'DNS Server #4' must be specified.");
        }

139
        if (!empty($pconfig['wins_server1']) && !is_ipaddr($pconfig['wins_server1'])) {
140 141
            $input_errors[] = gettext("A valid IP address for 'WINS Server #1' must be specified.");
        }
142
        if (!empty($pconfig['wins_server2']) && !is_ipaddr($pconfig['wins_server2'])) {
143 144 145
            $input_errors[] = gettext("A valid IP address for 'WINS Server #2' must be specified.");
        }

146 147 148 149 150 151 152 153 154 155 156 157 158 159
        if (count($input_errors) == 0) {
            $client = array();
            $copy_fields = "user_source,group_source,pool_address,pool_netbits,dns_domain,dns_server1
            ,dns_server2,dns_server3,dns_server4,wins_server1,wins_server2
            ,dns_split,pfs_group,login_banner";
            foreach (explode(",",$copy_fields) as $fieldname) {
							$fieldname = trim($fieldname);
							if(!empty($pconfig[$fieldname])) {
								$client[$fieldname] = $pconfig[$fieldname];
							}
						}
            if (!empty($pconfig['enable'])) {
                $client['enable'] = true;
            }
160

161 162 163
            if (!empty($pconfig['net_list'])) {
                $client['net_list'] = true;
            }
164

165 166 167
            if (!empty($pconfig['save_passwd'])) {
                $client['save_passwd'] = true;
            }
168

169
            $config['ipsec']['client'] = $client;
170

171 172
            write_config();
            mark_subsystem_dirty('ipsec');
173

174 175
            header("Location: vpn_ipsec_mobile.php");
            exit;
176
        }
177
    }
Ad Schellevis's avatar
Ad Schellevis committed
178

179 180 181 182 183 184
    // initialize missing post attributes
    foreach (explode(",",$form_fields) as $fieldname) {
      $fieldname = trim($fieldname);
      if (!isset($pconfig[$fieldname])) {
        $pconfig[$fieldname] = null;
      }
185
    }
Ad Schellevis's avatar
Ad Schellevis committed
186 187
}

188 189
legacy_html_escape_form_data($pconfig);

Ad Schellevis's avatar
Ad Schellevis committed
190 191 192 193 194 195
$pgtitle = array(gettext("VPN"),gettext("IPsec"),gettext("Mobile"));
$shortcut_section = "ipsec";

include("head.inc");
?>

196
<body>
Ad Schellevis's avatar
Ad Schellevis committed
197 198 199

<script type="text/javascript">
//<![CDATA[
200 201 202 203 204 205 206 207 208
$( document ).ready(function() {
  pool_change();
  dns_domain_change();
  dns_split_change();
  dns_server_change();
  wins_server_change();
  pfs_group_change();
  login_banner_change();
});
Ad Schellevis's avatar
Ad Schellevis committed
209 210 211 212 213 214 215 216 217 218 219 220 221 222

function pool_change() {

	if (document.iform.pool_enable.checked) {
		document.iform.pool_address.disabled = 0;
		document.iform.pool_netbits.disabled = 0;
	} else {
		document.iform.pool_address.disabled = 1;
		document.iform.pool_netbits.disabled = 1;
	}
}

function dns_domain_change() {

223 224 225 226 227
	if (document.iform.dns_domain_enable.checked) {
    document.iform.dns_domain.disabled = 0;
    $("#dns_domain").addClass('show');
    $("#dns_domain").removeClass('hidden');
  } else {
Ad Schellevis's avatar
Ad Schellevis committed
228
		document.iform.dns_domain.disabled = 1;
229 230 231
    $("#dns_domain").addClass('hidden');
    $("#dns_domain").removeClass('show');
  }
Ad Schellevis's avatar
Ad Schellevis committed
232 233 234 235
}

function dns_split_change() {

236 237 238 239 240 241 242 243 244 245
	if (document.iform.dns_split_enable.checked){
    document.iform.dns_split.disabled = 0;
    $("#dns_split").addClass('show');
    $("#dns_split").removeClass('hidden');
  } else {
    document.iform.dns_split.disabled = 1;
    $("#dns_split").addClass('hidden');
    $("#dns_split").removeClass('show');
  }

Ad Schellevis's avatar
Ad Schellevis committed
246 247 248 249 250 251 252 253 254
}

function dns_server_change() {

	if (document.iform.dns_server_enable.checked) {
		document.iform.dns_server1.disabled = 0;
		document.iform.dns_server2.disabled = 0;
		document.iform.dns_server3.disabled = 0;
		document.iform.dns_server4.disabled = 0;
255 256
    $("#dns_server_enable_inputs").addClass('show');
    $("#dns_server_enable_inputs").removeClass('hidden');
Ad Schellevis's avatar
Ad Schellevis committed
257 258 259 260 261
	} else {
		document.iform.dns_server1.disabled = 1;
		document.iform.dns_server2.disabled = 1;
		document.iform.dns_server3.disabled = 1;
		document.iform.dns_server4.disabled = 1;
262 263
    $("#dns_server_enable_inputs").addClass('hidden');
    $("#dns_server_enable_inputs").removeClass('show');
Ad Schellevis's avatar
Ad Schellevis committed
264 265 266 267 268 269 270 271
	}
}

function wins_server_change() {

	if (document.iform.wins_server_enable.checked) {
		document.iform.wins_server1.disabled = 0;
		document.iform.wins_server2.disabled = 0;
272 273
    $("#wins_server_enable_inputs").addClass('show');
    $("#wins_server_enable_inputs").removeClass('hidden');
Ad Schellevis's avatar
Ad Schellevis committed
274 275 276
	} else {
		document.iform.wins_server1.disabled = 1;
		document.iform.wins_server2.disabled = 1;
277 278
    $("#wins_server_enable_inputs").addClass('hidden');
    $("#wins_server_enable_inputs").removeClass('show');
Ad Schellevis's avatar
Ad Schellevis committed
279 280 281 282 283
	}
}

function pfs_group_change() {

284 285 286 287 288 289 290 291 292
	if (document.iform.pfs_group_enable.checked) {
    document.iform.pfs_group.disabled = 0;
    $("#pfs_group").addClass('show');
    $("#pfs_group").removeClass('hidden');
  } else {
    document.iform.pfs_group.disabled = 1;
    $("#pfs_group").addClass('hidden');
    $("#pfs_group").removeClass('show');
  }
Ad Schellevis's avatar
Ad Schellevis committed
293 294 295 296
}

function login_banner_change() {

297 298 299 300 301 302 303 304 305
	if (document.iform.login_banner_enable.checked) {
    document.iform.login_banner.disabled = 0;
    $("#login_banner").addClass('show');
    $("#login_banner").removeClass('hidden');
  } else {
    document.iform.login_banner.disabled = 1;
    $("#login_banner").addClass('hidden');
    $("#login_banner").removeClass('show');
  }
Ad Schellevis's avatar
Ad Schellevis committed
306 307 308 309 310
}

//]]>
</script>

311
<?php include("fbegin.inc"); ?>
Ad Schellevis's avatar
Ad Schellevis committed
312

313
	<section class="page-content-main">
314
		<div class="container-fluid">
315
			<div class="row">
316
<?php
317
                if (isset($savemsg)) {
318 319 320 321 322
                    print_info_box($savemsg);
                }
                if (isset($config['ipsec']['enable']) && is_subsystem_dirty('ipsec')) {
                    print_info_box_np(gettext("The IPsec tunnel configuration has been changed") . ".<br />" . gettext("You must apply the changes in order for them to take effect."));
                }
323 324
                $ph1found = false;
                foreach ($config['ipsec']['phase1'] as $ph1ent) {
325 326 327 328
                    if (isset($ph1ent['mobile'])) {
                        $ph1found = true;
                    }
                }
329
                if (!empty($pconfig['enable']) && !$ph1found) {
330 331
                    print_info_box_np(gettext("Support for IPsec Mobile clients is enabled but a Phase1 definition was not found") . ".<br />" . gettext("Please click Create to define one."), gettext("create"), gettext("Create Phase1"));
                }
332
                if (isset($input_errors) && count($input_errors) > 0) {
333 334
                    print_input_errors($input_errors);
                }
335
?>
336
			    <section class="col-xs-12">
337

338 339 340 341
<? $active_tab = "/vpn_ipsec_mobile.php";
                include('vpn_ipsec_tabs.inc');
?>
					 <div class="tab-content content-box col-xs-12">
342
							 <form action="vpn_ipsec_mobile.php" method="post" name="iform" id="iform">
343 344
							 <div class="table-responsive">
								<table class="table table-striped table-sort">
345 346 347 348
                    <tr>
                      <td width="22%"><b><?=gettext("IKE Extensions"); ?> </b></td>
                      <td width="78%" align="right">
                        <small><?=gettext("full help"); ?> </small>
349
                        <i class="fa fa-toggle-off text-danger"  style="cursor: pointer;" id="show_all_help_page" type="button"></i></a>
350 351
                      </td>
                    </tr>
352
									<tr>
353
                      <td><a id="help_for_enabled" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Enable")?></td>
354
										<td>
355 356 357 358
                        <input name="enable" type="checkbox" id="enable" value="yes" <?= !empty($pconfig['enable']) ? "checked=\"checked\"" : "";?> />
                        <div class="hidden" for="help_for_enabled">
                          <?=gettext("Enable IPsec Mobile Client Support"); ?>
                        </div>
359 360
										</td>
									</tr>
361
                    <tr>
362 363
										<td colspan="2"><b><?=gettext("Extended Authentication (Xauth)"); ?></b></td>
									</tr>
364
                    <tr>
365 366 367 368 369
									<tr>
										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("User Authentication"); ?></td>
										<td>
											<?=gettext("Source"); ?>:
											<select name="user_source[]" class="form-control" id="user_source" multiple="multiple" size="3">
370 371 372 373 374 375 376
<?php
                        $authmodes = explode(",", $pconfig['user_source']);
                        $auth_servers = auth_get_authserver_list();
                        foreach ($auth_servers as $auth_server) :
?>
                          <option value="<?=htmlspecialchars($auth_server['name'])?>" <?=in_array($auth_server['name'], $authmodes) ? "selected=\"selected\"" : ""?> ><?=$auth_server['name']?></option>
<?php                   endforeach;
377
?>
378 379 380 381 382 383 384 385 386 387 388 389
											</select>
										</td>
									</tr>
									<tr>
										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Group Authentication"); ?></td>
										<td>
											<select name="group_source" class="form-control" id="group_source">
												<option value="none"><?=gettext("none"); ?></option>
												<option value="system" <?= $pconfig['group_source'] == "system" ?  "selected=\"selected\"" : "";?>><?=gettext("system"); ?></option>
											</select>
										</td>
									</tr>
390 391 392
                    <tr>
                      <td colspan="2"><b><?=gettext("Client Configuration (mode-cfg)"); ?> </b></td>
                    </tr>
393 394 395
									<tr>
										<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Virtual Address Pool"); ?></td>
										<td>
396 397
                        <input name="pool_enable" type="checkbox" id="pool_enable" value="yes" <?= !empty($pconfig['pool_address'])&&!empty($pconfig['pool_netbits']) ? "checked=\"checked\"" : "";?> onclick="pool_change()" />
                        <?=gettext("Provide a virtual IP address to clients"); ?><br />
398 399 400 401 402
											<?=gettext("Network"); ?>:&nbsp;
											<input name="pool_address" type="text" class="form-control unknown" id="pool_address" size="20" value="<?=$pconfig['pool_address'];?>" />
											/
											<select name="pool_netbits" class="form-control" id="pool_netbits">
															<?php for ($i = 32; $i >= 0; $i--) :
403
  ?>
404 405 406 407
															<option value="<?=$i;?>" <?= ($i == $pconfig['pool_netbits']) ? "selected=\"selected\"" : "";?>>
																<?=$i;?>
															</option>
															<?php
408
  endfor; ?>
409 410 411 412 413 414
											</select>
										</td>
									</tr>
									<tr>
										<td><a id="help_for_net_list" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Network List"); ?></td>
										<td>
415 416 417 418
                        <input name="net_list" type="checkbox" id="net_list_enable" value="yes" <?= !empty($pconfig['net_list']) ? "checked=\"checked\"" : "";?> />
                        <div class="hidden" for="help_for_net_list">
                          <?=gettext("Provide a list of accessible networks to clients"); ?><br />
                        </div>
419 420 421 422 423
										</td>
									</tr>
									<tr>
										<td><a id="help_for_save_passwd" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Save Xauth Password"); ?></td>
										<td>
424 425 426 427 428
                        <input name="save_passwd" type="checkbox" id="save_passwd_enable" value="yes" <?= !empty($pconfig['save_passwd']) ? "checked=\"checked\"" : "";?> />
                        <div class="hidden" for="help_for_save_passwd">
                          <?=gettext("Allow clients to save Xauth passwords (Cisco VPN client only)."); ?><br />
                          <?=gettext("NOTE: With iPhone clients, this does not work when deployed via the iPhone configuration utility, only by manual entry."); ?><br />
                        </div>
429 430 431 432 433
										</td>
									</tr>
									<tr>
										<td><a id="help_for_dns_domain_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Default Domain"); ?></td>
										<td>
434 435 436 437 438
                        <input name="dns_domain_enable" type="checkbox" id="dns_domain_enable" value="yes"  <?= !empty($pconfig['dns_domain']) ? "checked=\"checked\"" : "";?> onclick="dns_domain_change()" />
                        <input name="dns_domain" type="text" id="dns_domain" size="30" value="<?=$pconfig['dns_domain'];?>" />
                        <div class="hidden" for="help_for_dns_domain_enable">
                          <?=gettext("Provide a default domain name to clients"); ?>
                        </div>
439 440 441 442 443
										</td>
									</tr>
									<tr>
										<td><a id="help_for_dns_split_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Split DNS"); ?></td>
										<td>
444 445 446 447 448 449
                        <input name="dns_split_enable" type="checkbox" id="dns_split_enable" value="yes" <?= !empty($pconfig['dns_split']) ? "checked=\"checked\"" : "";?> onclick="dns_split_change()" />
                        <input name="dns_split" type="text" class="form-control unknown" id="dns_split" size="30" value="<?=$pconfig['dns_split'];?>" />
                        <div class="hidden" for="help_for_dns_split_enable">
                          <?=gettext("Provide a list of split DNS domain names to clients. Enter a comma separated list."); ?><br />
                          <?=gettext("NOTE: If left blank, and a default domain is set, it will be used for this value."); ?>
                        </div>
450 451 452 453 454
										</td>
									</tr>
									<tr>
										<td><a id="help_for_dns_server_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("DNS Servers"); ?></td>
										<td>
455 456 457 458 459 460 461 462 463 464 465 466 467 468
                        <input name="dns_server_enable" type="checkbox" id="dns_server_enable" value="yes"  <?= !empty($pconfig['dns_server1']) || !empty($pconfig['dns_server2']) || !empty($pconfig['dns_server3']) || !empty($pconfig['dns_server4']) ? "checked=\"checked\"" : "";?> onclick="dns_server_change()" />
                        <div id="dns_server_enable_inputs">
                          <?=gettext("Server"); ?> #1:
                          <input name="dns_server1" type="text" class="form-control unknown" id="dns_server1" size="20" value="<?=$pconfig['dns_server1'];?>" />
                          <?=gettext("Server"); ?> #2:
                          <input name="dns_server2" type="text" class="form-control unknown" id="dns_server2" size="20" value="<?=$pconfig['dns_server2'];?>" />
                          <?=gettext("Server"); ?> #3:
                          <input name="dns_server3" type="text" class="form-control unknown" id="dns_server3" size="20" value="<?=$pconfig['dns_server3'];?>" />
                          <?=gettext("Server"); ?> #4:
                          <input name="dns_server4" type="text" class="form-control unknown" id="dns_server4" size="20" value="<?=$pconfig['dns_server4'];?>" />
                        </div>
                        <div class="hidden" for="help_for_dns_server_enable">
                          <?=gettext("Provide a DNS server list to clients"); ?>
                        </div>
469 470 471 472 473
										</td>
									</tr>
									<tr>
										<td><a id="help_for_wins_server_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("WINS Servers"); ?></td>
										<td>
474 475 476 477 478 479 480 481 482 483
                        <input name="wins_server_enable" type="checkbox" id="wins_server_enable" value="yes" <?= !empty($pconfig['wins_server1']) || !empty($pconfig['wins_server2']) ? "checked=\"checked\"" : "";?> onclick="wins_server_change()" />
                        <div id="wins_server_enable_inputs">
                          <?=gettext("Server"); ?> #1:
                          <input name="wins_server1" type="text" class="form-control unknown" id="wins_server1" size="20" value="<?=$pconfig['wins_server1'];?>" />
                          <?=gettext("Server"); ?> #2:
                          <input name="wins_server2" type="text" class="form-control unknown" id="wins_server2" size="20" value="<?=$pconfig['wins_server2'];?>" />
                        </div>
                        <div class="hidden" for="help_for_wins_server_enable">
                          <?=gettext("Provide a WINS server list to clients"); ?>
                        </div>
484 485 486 487 488
										</td>
									</tr>
									<tr>
										<td><a id="help_for_pfs_group_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Phase2 PFS Group"); ?></td>
										<td>
489 490 491 492
                        <input name="pfs_group_enable" type="checkbox" id="pfs_group_enable" value="yes" <?= !empty($pconfig['pfs_group']) ? "checked=\"checked\"" : "";?>  onclick="pfs_group_change()" />

                        <select name="pfs_group" class="form-control" id="pfs_group">
<?php                     foreach ($p2_pfskeygroups as $keygroup => $keygroupname) :
493
?>
494 495 496 497 498 499 500 501 502 503
                          <option value="<?=$keygroup;?>" <?= $pconfig['pfs_group'] == $keygroup ? "selected=\"selected\"" : "" ; ?>>
                            <?=$keygroupname;?>
                          </option>
<?php
                          endforeach;
?>
                        </select>
                        <div class="hidden" for="help_for_pfs_group_enable">
                          <?=gettext("Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings )"); ?>
                        </div>
504 505 506 507 508
										</td>
									</tr>
									<tr>
										<td><a id="help_for_login_banner_enable" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Login Banner"); ?></td>
										<td>
509 510 511 512 513
                        <input name="login_banner_enable" type="checkbox" id="login_banner_enable" value="yes" <?= !empty($pconfig['login_banner']) ? "checked=\"checked\"" : "";?> onclick="login_banner_change()" />
                        <textarea name="login_banner" cols="65" rows="7" id="login_banner" class="formpre"><?=$pconfig['login_banner'];?></textarea>
                        <div class="hidden" for="help_for_login_banner_enable">
                          <?=gettext("Provide a login banner to clients"); ?><br />
                        </div>
514 515 516 517 518 519 520 521 522 523
										</td>
									</tr>
									<tr>
										<td>&nbsp;</td>
										<td>
											<input name="submit" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
										</td>
									</tr>
								</table>
							 </div>
524
							 </form>
525 526
					  </div>
			  </section>
Ad Schellevis's avatar
Ad Schellevis committed
527
			</div>
528 529
	</div>
</section>
530

531
<?php include("foot.inc"); ?>