[Openswan Users] IPSEC exploitation on the loose?

Nick Howitt n1ck.h0w1tt at gmail.com
Fri Jun 25 13:42:22 EDT 2010


  If I could cancel my last post I would.

That may work if I can see how to do it. I was having real problems in 
the past with ipsec.secrets with one secret with an FQDN and one with 
%any where re-reading the file on DPD would have sorted it. I was 
completely mixing myself up.

Nick

On 25/06/2010 18:06, Paul Wouters wrote:
> On Fri, 25 Jun 2010, Nick Howitt wrote:
>
>> My far endpoints are on dynamic IP's. It would be nice if DPD actions 
>> could force the re-reading of ipsec.secrets because then
>> it would become viable to use FQDN's in the ipsec.secrets file. The 
>> only downside of this approach is that the
>> re-establishment of the tunnel is dependant on how fast the Dynamic 
>> DNS update to the new IP addresses.
>
> You should be able to use leftid/rightid and put those in ipsec.secrets?
>
> Paul


More information about the Users mailing list