[Openswan Users] FQDN in ipsec.conf

naveen kumar naveen_mamindla at yahoo.co.in
Tue Aug 9 07:43:16 CEST 2005


Hi Paul,

I have configured the ipsec.conf as below

conn static-dynamic
    type=tunnel
    left=xxx.xxx.xxx.xxx
    leftid=@www.naveen1.com
    right=%any
    rightid=@www.naveen2.com
    auth=esp
    authby=secret
    pfs=yes
    keyexchange=ike
    auto=add

ipsec.secrets
-------------
@www.naveen1.com @www.naveen2.com : PSK "presharedkey"

when I do up the connection the following error is
coming.

029 "static-dynamic": cannot initiate connection
without knowing peer IP address


Naveen

--- Paul Wouters <paul at xelerance.com> wrote:

> On Mon, 8 Aug 2005, naveen kumar wrote:
> 
> > I am having a dynamic IPAddress provided by ISP.I
> > want to establish an IPSec tunnel using
> openswan-2.3.0
> > installed on my redhat-9 to another PC having the
> same
> > OS and openswan-2.3.0 on it with static IP.
> >
> > My doubt is that can we use FQDN in ipsec.conf
> incase
> > of preshared keys or do I need to have
> certificates.
> 
> you can use FQDN on the static site. the roadwarrior
> end 
> you can give a rightid=@roadwarrior
> 
> Paul
> 



		
_______________________________________________________
Too much spam in your inbox? Yahoo! Mail gives you the best spam protection for FREE! http://in.mail.yahoo.com


More information about the Users mailing list