[Openswan Users] IPSEC exploitation on the loose?

[Paul Wouters]

On Fri, 25 Jun 2010, Nick Howitt wrote:

> My far endpoints are on dynamic IP's. It would be nice if DPD actions could force the re-reading of ipsec.secrets because then
> it would become viable to use FQDN's in the ipsec.secrets file. The only downside of this approach is that the
> re-establishment of the tunnel is dependant on how fast the Dynamic DNS update to the new IP addresses.

You should be able to use leftid/rightid and put those in ipsec.secrets?

Paul