[ previous ] [ next ] [ threads ]
 
 From:  Steven McCoy <fnjordy at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Setup a site to site VPN IPSec with 2 M0n0
 Date:  Fri, 23 Sep 2005 20:36:47 +0800
anyone have configured a site to site VPN IPSec (1 static IP and 1 dynamic
IP) with 2 m0n0?

Where I can find a documentation with sample configuration ?


I have this with IPSEC and its pretty bad, you really need to use
OpenVPN as Racoon
doesn't work well with changing endpoints (see previous posts).  I
have previously
posted how to do this with 1.2b7 but with that version kernel panicked
a lot with multiple
rapid connections.  I had to use CCD directories, and I hope the new
OpenVPN updates
can accomdate this requirement and make its configuration easier for
everyone.  I am
looking to help but a VMWare image of the latest OpenVPN betas with a
SSHD would help
people to contribute :)

Setting up OpenVPN:

http://www.m0n0.ch/wall/list/?action=show_msg&actionargs[]=165&actionargs[]=56

However it also prefers that the DHCP scripts send a SIGUSR1 to
OpenVPN on acquiring a
new address.

HOWTO on static & dynamic endpoints:

http://pfsense.com/tutorials/mobile_ipsec

I cannot find the post mentioning the problems with Racoon, but
supporting dynamic endpoints
is in pfSenses wish list:

http://wiki.pfsense.com/wikka.php?wakka=RequestedFeatures


I have two sites that need this setup and want to help get this feature working.

--
Steve-o