[Openswan Users] %defaultroute equivalent for ipsec.secrets

Jonathan Coles jcoles0727 at rogers.com
Sun Sep 17 20:12:34 EDT 2006

I have a road warrior configuration working with my office VPN.

conn office
  left= xxx.xxx.xxx.xxx # vpn gateway at work
  leftsubnet= # office subnet

This works just fine if ipsec.secrets contains my IP and the 
VPN gateway IP, like this:

xxx.xxx.xxx.xxx : PSK "pre-shared_secret"

If the computer is a laptop using DHCP, its address will not 
always be It need to use %defaultroute, just 
like in my connection definition, to supply the current IP 
address. Is there some equivalent I can use?

I tried %any as mentioned in the ipsec.secrets man page, but 
it doesn't work. Error message: "Can't authenticate: no 
preshared key found for `' and `xxx.xxx.xxx.xxx'."

Have I misunderstood something?

More information about the Users mailing list