[ previous ] [ next ] [ threads ]
 
 From:  Peter Allgeyer <allgeyer at web dot de>
 To:  Steven McCoy <fnjordy at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Setup a site to site VPN IPSec with 2 M0n0
 Date:  Fri, 23 Sep 2005 16:14:00 +0200
Am Freitag, den 23.09.2005, 20:36 +0800 schrieb Steven McCoy:

> I have this with IPSEC and its pretty bad, you really need to use
> OpenVPN as Racoon doesn't work well with changing endpoints
> (see previous posts).
I can emphasise this.

> I had to use CCD directories, and I hope the new
> OpenVPN updates can accomdate this requirement and make its
> configuration easier for everyone.
At this point there's no support for client-config-dir. I don't know how
to implement this, since most of m0n0walls filesystem is held in memory.
As a first step, I've moved all configuration options into an extra file
instead of calling openvpn with many parameters. Second step will be to
implement ccd, but as I said, I'm not sure how to do this right. I think
that ccd will be part of an expert section or page which is in work.

> I am looking to help but a VMWare image of the latest OpenVPN betas with a
> SSHD would help people to contribute :)
Why? exec.php should be enough, I think. OK, you are a little bit
flexiblier with SSH, but thats all. If you want to help (and finding
bugs is help as well), you should look at the latest test series on my
homepage.

BR,
   PIT


---------------------------------------------------------------------------
 copyleft(c) by |   _-_     Sic transit discus mundi  -- From the System
 Peter Allgeyer | 0(o_o)0   Administrator's Guide, by Lars Wirzenius
---------------oOO--(_)--OOo-----------------------------------------------