[Openswan Users] how to specify domain name in ipsec.secrets
chris at northfolk.ca
Wed Dec 6 14:34:37 EST 2006
I have ipsec working using pre-shared keys with a NATed WinXP client.
My ipsec host is on a machine with a dynamic IP, so I don't want to have
to specify the host IP in any of the configuration files.
Currently in ipsec.secrets I have:
184.108.40.206 %any: PSK "secret"
From the manual page, I think I should be able to replace it with:
@vpn.northfolk.ca %any: PSK "secret"
but this doesn't work and I get the following message in my log:
Dec 6 12:25:33 aurora pluto: "L2TP-PSK" 220.127.116.11 #4:
Can't authenticate: no preshared key found for `18.104.22.168' and
`%any'. Attribute OAKLEY_AUTHENTICATION_METHOD
This makes me think that the name is not being properly resolved. How
can I get this to work?
More information about the Users