[Openswan Users] Openswan & TFTP
Julien Bonjean
julien.bonjean at savoirfairelinux.com
Fri Nov 14 15:03:48 EST 2008
Paul Wouters wrote:
> On Fri, 14 Nov 2008, Julien Bonjean wrote:
>
>> Sorry if I wasn't clear. Openswan is already running on server
>> because some clients may have already established a VPN with it. The
>> problem is when another client wants to establish a connection or if
>> a client reboot. For some security reasons we don't want to store
>> ipsec.secrets and ipsec.conf in client initrd so it must retrieve
>> them by tftp but server doesn't accept unencrypted connection as
>> Openswan is already running (for other clients) ... I currently use a
>> second unencrypted connection to retrieve files but I would like to
>> avoid this.
>
> The running openswan should not be blocking new connection.
Yes but we are talking about a non-crypted connection, Openswan is not
running on client and will not until we get config files !
> Is there ip re-use
> without clearing out the previous ipsec tunnels?
>
> Paul
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: julien_bonjean.vcf
Type: text/x-vcard
Size: 376 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20081114/dd76cde9/attachment.vcf
More information about the Users
mailing list