[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  kohlstedt at gmail dot com
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Site To Site VPN Using Dynamic IP Addresses
 Date:  Tue, 20 Sep 2005 12:13:30 -0400
On 9/19/05, Bryan Kohlstedt <kohlstedt at gmail dot com> wrote:
> It looks as though I can implement a site to site vpn even if both sides
> have a dynamic ip address. (SBC DSL connection on both sides) My question is
> does the tunnel stay up when the ip address is in the process of changing?
> Is it down for a split second etc?

no can do with dynamic IP's on both sides.  Could do it with a static
on one and dynamic on the other but I wouldn't recommend it.  the
racoon version currently used in m0n0wall has no concept of dead peer
detection, so you would manually have to click Save on the IPsec page
for every IP change.  if you're running any VPN device you're going to
have an easier time with static IP's.  they're typically easy and
relatively cheap to get ahold of too.