[Openswan Users] IPSEC exploitation on the loose?
Nick Howitt
n1ck.h0w1tt at gmail.com
Fri Jun 25 13:42:22 EDT 2010
If I could cancel my last post I would.
That may work if I can see how to do it. I was having real problems in
the past with ipsec.secrets with one secret with an FQDN and one with
%any where re-reading the file on DPD would have sorted it. I was
completely mixing myself up.
Nick
On 25/06/2010 18:06, Paul Wouters wrote:
> On Fri, 25 Jun 2010, Nick Howitt wrote:
>
>> My far endpoints are on dynamic IP's. It would be nice if DPD actions
>> could force the re-reading of ipsec.secrets because then
>> it would become viable to use FQDN's in the ipsec.secrets file. The
>> only downside of this approach is that the
>> re-establishment of the tunnel is dependant on how fast the Dynamic
>> DNS update to the new IP addresses.
>
> You should be able to use leftid/rightid and put those in ipsec.secrets?
>
> Paul
More information about the Users
mailing list