[ previous ] [ next ] [ threads ]
 
 From:  "Magne Andreassen" <magne dot andreassen at bluezone dot no>
 To:  "'Christiaens Joachim'" <jchristi at oce dot be>, "'Manuel Kasper'" <mk at neon1 dot net>, "'cfs2'" <cii633 at 21cn dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Re:[m0n0wall] Status report
 Date:  Fri, 31 Oct 2003 15:05:31 +0100
Christiaens Joachim wrote:
> Maybe some kind of rebuilding the racoon.conf based on
> name-resolution each time a connection is lost? I don't know
> if it is possible at all...
> 

I think this is a good temporary solution, untill someone fixes
racoon. To enable dynamic IPSEC in both ends, requiere the dynamic 
DNS service. You would only need a smal script that runs, say, every
2-10 minutes and resolves the other machine's ip-address and if it
differs, store it, update config file and reload racoon...

It may be a little hairy, but i'm quite sure it would work.

Magne