you can bind a PSK to 0.0.0.0. That's the Cisco equivalent of "any".
I wonder if it's possible to translate between the freeswan rsa key format
and the cisco rsa key format?
Then there's the third way, which is really ugly. put a recent cisco 3des
image on the router. enable ssh. write an expect script on the linux box
that gets it's ip address, logs on, and re-configures the cisco.
I told you it was ugly.
But the PSK for 0.0.0.0 way is the best reasonably acceptable method.
-Joe
> -----Original Message-----
> From: users-admin_at_lists.freeswan.org
> [mailto:users-admin_at_lists.freeswan.org]On Behalf Of Kuba Leszewski
> Sent: Friday, May 31, 2002 7:40 AM
> To: List freeswan
> Subject: [Users] linux - cisco problem
>
>
> Hi,
>
>
> Has anyone tried to set up a VPN between freeswan and Cisco,
> where Cisco has a static IP addres, and Freeswan has a dynamic IP (a
> dial-up connection) ?
>
> When both sides have static addresses, then everything works.
>
> I'd like to authenticate using pre-shared keys, but Cisco wants me to
> bind the key with a static ip.
> And I can't do that.
>
>
> I'm searching for a solution in CCO, but no luck so far.
>
> If anyone has got any ideas, or already set up such a connection, please
> help.
>
> Regards
> Kuba
>
>
>
>
>
>
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
>
>
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:09 CEST