From: Sam Sgro (sam_at_freeswan.org)
Date: Thu Oct 17 2002 - 23:26:33 CEST
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 16 Oct 2002, Thomas Will wrote:
> hello
>
> i 'm seeking a solution (example) to make a tunnel
> with 2 freeswan gateways with 2 dynamic ips
> i have registrated both sites on dyndns.org
> conn sux-tux
> left=sux.suxer.net
> leftsubnet=192.168.1.0/24
> leftnexthop=217.5.98.35
> right=tux.suxer.net
> rightnexthop=217.5.98.34
> rightsubnet=192.168.254.0/24
> auto=add
> this configuration works fine
> but i must patch on every reconnect ipsec.conf
> with the nexthop values
> i can't use on both ends left=%defaultroute
> right=%defaultroute
Why not have asymmetrical connection definitions? Use "left=%defaultroute" on
the sux.suxer.net machine, and "right=%defaultroute" on tux...
... but I see that you've got both nexthops on the same network. In that case,
if relevant, you could use left/rightnexthop=%direct, to use the peer's IP
address directly. Then again, I'm pretty certain you could use the opposite
FQDN in place of your nexthop values as well.
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPa8rDEOSC4btEQUtAQGnzgP9G3tnYYks1FKm9MBPlePQ2DmQkO86fc9g
iXPfjPFoEgv83KJUh7h8K+fr8vDn5yiSHG82iPOeGjXBDjs9mj7epDX0pc0hXeIc
w/+e6ZEBRQIPd3ceIvCdvZ6Qq5MMQQhXuaEttMelgMTrco+yJqhGRdujbZX/0NDI
CD6FZzP6aTA=
=4lBh
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Oct 18 2002 - 05:20:28 CEST