[Openswan Users] ipsec.secrets for a host with a dynamic IP
Nick Howitt
n1ck.h0w1tt at gmail.com
Thu Oct 22 14:21:46 EDT 2009
Yes. resumably that will match the secret only for farfqdn like:
%any farfqdn : PSK "shared secret"
I was wondering if I could be more specific for my IP. Practically
speaking, if it worked, would there be any difference between:
%defaultroute farfqdn : PSK "shared secret"
and
%any farfqdn : PSK "shared secret"
Nick
On 22/10/2009 19:11, Paul Wouters wrote:
> On Thu, 22 Oct 2009, Nick Howitt wrote:
>
>> I have a dynamic (almost static) IP address with a tunnel I initiate to
>> another router. Currently my ipsec.secrets reads:
>>
>> myfqdn farfqdn : PSK "shared secret"
>>
>> In the ipsec.conf I can use %defaultroute for left so if my IP changes
>> it always picks up the correct one. In ipsec.secrets I cannot see any
>> equivalent parameter so I use myfqdn instead.
>
> %any (or 0.0.0.0)
>
> Paul
More information about the Users
mailing list