Christiaens Joachim wrote:
> Maybe some kind of rebuilding the racoon.conf based on
> name-resolution each time a connection is lost? I don't know
> if it is possible at all...
I think this is a good temporary solution, untill someone fixes
racoon. To enable dynamic IPSEC in both ends, requiere the dynamic
DNS service. You would only need a smal script that runs, say, every
2-10 minutes and resolves the other machine's ip-address and if it
differs, store it, update config file and reload racoon...
It may be a little hairy, but i'm quite sure it would work.