[Openswan Users] how to specify domain name in ipsec.secrets

Chris Purves chris at northfolk.ca
Wed Dec 6 14:34:37 EST 2006


I have ipsec working using pre-shared keys with a NATed WinXP client. 
My ipsec host is on a machine with a dynamic IP, so I don't want to have 
to specify the host IP in any of the configuration files.

Currently in ipsec.secrets I have: %any: PSK "secret"

 From the manual page, I think I should be able to replace it with:

@vpn.northfolk.ca %any: PSK "secret"

but this doesn't work and I get the following message in my log:

Dec  6 12:25:33 aurora pluto[6881]: "L2TP-PSK"[4] #4: 
Can't authenticate: no preshared key found for `' and 

This makes me think that the name is not being properly resolved.  How 
can I get this to work?



More information about the Users mailing list