Re: [m0n0wall] Site to Site IPSEC VPN with multiple LAN Subnets on one side.

From:	Peter Allgeyer <allgeyer at web dot de>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Site to Site IPSEC VPN with multiple LAN Subnets on one side.
Date:	Fri, 22 Apr 2005 01:38:29 +0200

Am Donnerstag, den 21.04.2005, 08:54 +0200 schrieb Claude Hecker:
> Create the first tunnel with the gui interface ..
> Switch to .../edit.php and edit /var/etc/racoon.conf like this

This way, you'll loose your configuration after rebooting. Not really
what one will expect.

> sainfo address 192.168.3.0/24 any address 10.1.128.0/24 any {
>     encryption_algorithm 3des;
>     authentication_algorithm hmac_sha1;
>     compression_algorithm deflate;
>     lifetime time 3600 secs;
> }
> 
> sainfo address 10.1.0.0/22  any address 10.1.128.0/24 any {
>     encryption_algorithm 3des;
>     authentication_algorithm hmac_sha1;
>     compression_algorithm deflate;
>     lifetime time 3600 secs;
> }
There should be a way to configure something like this by the GUI, store
it in config.xml and being created at boot time (and of course after
editing in the GUI). Is there any interest in discussing this on the
developer list?

Ciao ...
	... PIT ...


---------------------------------------------------------------------------
 copyleft(c) by |           Linux ext2fs has been stable for a long time,
 Peter Allgeyer |   _-_     now it's time to break it  -- Linuxkongreß
                | 0(o_o)0   '95 in Berlin
---------------oOO--(_)--OOo-----------------------------------------------