Hi there,

I successfully managed my dynamic DNS issue I mentioned a few days ago on
this list. In case anyone plans to do the same: These are the lines in
the 'up-client' section of a special _updown script:

    # Host name: the part of the connection name after the '-'
    DNS_HOST=`echo "$PLUTO_CONNECTION" | cut -d\- -f2`.vpn.wgw.wetzel.de.
    # Peer client address without the /mask
    DNS_ADDR=`echo "$PLUTO_PEER_CLIENT" | cut -d\/ -f1`
    # Pipe the batch to nsupdate; no fixed, predictable file in /tmp
    {
        echo "server 193.98.35.55"
        echo "update delete $DNS_HOST"
        echo "update add $DNS_HOST 300 A $DNS_ADDR"
        echo "send"
    } | /usr/bin/nsupdate

My roadwarrior connections are named in the form 'company_fw-roadwarrior'
and/or 'company_net-roadwarriorname'. Upon connection these lines add a
dynamic entry 'roadwarriorname.vpn.wgw.wetzel.de' to a special zone of our
internal DNS.
I have nearly equal commands for deleting an entry when the connection to
the roadwarrior goes down. Unfortunately, FreeS/WAN is not willing to do
this when it receives the appropriate message from PGPNet 7.1:

    Jul 23 08:13:43 firewall-gr Pluto[31445]: "company_net-Test" 149.225.90.4 #118: ignoring Delete SA payload
    Jul 23 08:13:43 firewall-gr Pluto[31445]: "company_net-Test" 149.225.90.4 #118: received and ignored informational message

This is when I click 'disconnect' on the PGPNet side.
The roadwarrior connection on FreeS/WAN side is deleted after six hours when
rekeying occurs. Then the down-client section is called and my DNS entries
are deleted.
Well, I can live with that, but I'd like to see the connection going down
when it's REALLY going down. This would also give me the chance to log how
long a connection has been established to our roadwarriors.
Is this a configuration issue or an unsolvable problem based on design?
I hope someone is reading this, actually :-)
Thx a lot!
Jens
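
An added example, not part of the original post or of the FreeS/WAN scripts: one way to build the nsupdate batch for both the up-client and the down-client case, validating the values taken from PLUTO_CONNECTION and PLUTO_PEER_CLIENT before anything is sent. The function names, the server address 192.0.2.53 and the zone vpn.example.test are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not the poster's script. DNS_SERVER and DNS_ZONE are
# constructed placeholders; the function names are hypothetical.
LC_ALL=C; export LC_ALL
DNS_SERVER=192.0.2.53
DNS_ZONE=vpn.example.test

# Host label: everything after the first '-' of the connection name.
# Only one plain DNS label is accepted, so a name cannot add batch lines.
dns_label() {
    label=${1#*-}
    [ "$label" != "$1" ] || return 1
    case $label in
        ''|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#label}" -le 63 ] || return 1
    printf '%s\n' "$label"
}

# Peer client address: drop the /mask, then require a dotted quad 0-255.
ipv4_addr() {
    addr=${1%%/*}
    case $addr in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s\n' "$addr"
}

# Print the nsupdate batch: "add" for up-client, "delete" for down-client.
# Everything is validated before the first line is printed.
dns_batch() {
    host=$(dns_label "$2") || return 1
    case $1 in
        add) ip=$(ipv4_addr "$3") || return 1 ;;
        delete) ip= ;;
        *) return 1 ;;
    esac
    printf 'server %s\nupdate delete %s.%s.\n' "$DNS_SERVER" "$host" "$DNS_ZONE"
    [ -z "$ip" ] || printf 'update add %s.%s. 300 A %s\n' "$host" "$DNS_ZONE" "$ip"
    printf 'send\n'
}

# Constructed sample input; in the hook the output is piped to nsupdate.
dns_batch add "company_net-Test" "10.1.2.3/32"
```

In the hook, capture the batch first and run /usr/bin/nsupdate only if dns_batch returned success, so a rejected connection name or address sends nothing to the DNS server.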
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:26 CEST