[Openswan Users] Using the %dns option
Patrick Naubert
patrickn at xelerance.com
Mon Jul 28 15:14:16 EDT 2014
Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.
From: andy paleologopoulos <chfanfiction at hotmail.com>
Subject: Using the %dns option
Date: July 28, 2014 at 3:06:22 PM GMT-4
To: "users at lists.openswan.org" <users at lists.openswan.org>
Hi all,
I'm currently trying to set up a simple host-to-host connection between two machines. I want to set it up using DNS to store the public keys so that I don't need to copy them over using the leftrsasigkey=%dns option, but simply replacing the keys in the .conf file doesn't seem to work. Is there a step I'm missing to store the keys in DNS? I haven't changed anything from how you would do a normal host-to-host connection. My .conf file currently looks similar to this:
conn vpn
    left=0.1.0.1
    leftrsasigkey=%dns
    right=1.0.1.0
    rightrsasigkey=%dns
    auto=start
    type=transport
    authby=rsasig
    forceencaps=on
    ikev2=insist
The man page for pluto points me to the man page for named, but I still can't seem to find what I'm looking for. Any help would be much appreciated.