[Openswan Users] %defaultroute equivalent for ipsec.secrets
Jonathan Coles
jcoles0727 at rogers.com
Sun Sep 17 20:12:34 EDT 2006
I have a road warrior configuration working with my office VPN.
conn office
left= xxx.xxx.xxx.xxx # vpn gateway at work
leftsubnet=172.20.120.0/24 # office subnet
right=%defaultroute
keyexchange=ike
authby=secret
esp=3des
compress=yes
This works just fine if ipsec.secrets contains my IP and the
VPN gateway IP, like this:
xxx.xxx.xxx.xxx 192.168.0.101 : PSK "pre-shared_secret"
If the computer is a laptop using DHCP, its address will not
always be 192.168.0.101. It need to use %defaultroute, just
like in my connection definition, to supply the current IP
address. Is there some equivalent I can use?
I tried %any as mentioned in the ipsec.secrets man page, but
it doesn't work. Error message: "Can't authenticate: no
preshared key found for `192.168.0.101' and `xxx.xxx.xxx.xxx'."
Have I misunderstood something?
More information about the Users
mailing list