[prev in list] [next in list] [prev in thread] [next in thread]
List: snap-users
Subject: (KAME-snap 4343) dynamic IP on security gateway
From: Erik Salander <erik () whistle ! com>
Date: 2001-03-28 1:45:41
[Download RAW message or body]
I have a typical LAN-to-LAN IPSec VPN working with FreeBSD 4.2-STABLE
and the latest racoon (20010222a). Here's a policy on one end:
spdadd 10.3.1.0/24 10.3.2.0/24 any -P in ipsec
esp/tunnel/206.77.205.83-206.77.205.115/require;
What would I specify for setkey if one of the security gateways had a
dynamically assigned IP address on its public interface? I've seen
email posts specifying 0.0.0.0. If I use 0.0.0.0 as a tunnel endpoint
address, is it necessary to also use the my_identifier parameter (not
the "address" alternative, I assume) in racoon.conf? Thanks.
Erik
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic