[Openswan Users] openswan and dynamic ip
johnm at advocap.org
Tue Aug 3 14:37:02 CEST 2004
A couple similar questions but this time for the local end.
Again this is on 2.6 kernel native ipsec
If the only local inet ip is dynamic and one is using %defaultroute is
any intervention required?
If one has more than one local inet connection and one is dynamic and
the ip changes can one fix with ipsec auto --replace?
Paul Wouters wrote:
> On Thu, 1 Jul 2004, John McMonagle wrote:
>>In a couple cases it is dynamic ip <=> dynamic ip.
>>I do have dynamic dns setup.
>>In freeswan I had to reload the remote connections when the ip changed.
>>Just wondering is there is a better way to deal with this now?
> No there isn't. But in recent openswan versions there is dead peer detection.
> So it is much easier to kill the tunnels that are unusuable because one end
> of the tunnel changed. Then with hooks into the _updown scripts, you could
> ipsec auto --replace the connection so pluto will pick up the new IP from
More information about the Users