[ previous ] [ next ] [ threads ]
 
 From:  Bill Eccles <Bill dot lists at Eccles dot net>
 To:  Bill Eccles <Bill dot lists at eccles dot net>
 Cc:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] FQDNs and Remote gateways
 Date:  Sat, 24 Sep 2005 13:08:30 -0400 
I probably should have mentioned in my first post that the tunnel is  
to be between two m0n0wall boxes.

Bill


On Sep 24, 2005, at 1:03 PM, Bill Eccles wrote:

If I understand the operation of the system correctly, though, one of  
the ends, an initiator, must be able to send the request to the  
responder, which it can only "find" if it knows the IP address of the  
remote end. If the remote end has a dynamic IP address, then it must  
use a FQDN to resolve the address to the raw IP address in order to  
know where to send the request. Reversing the situation and making  
the other end the initiator doesn't work because both ends are  
dynamically addressed.

And since m0n0wall won't allow a FQDN in the Remote gateway field,  
I'm stuck.

Any other thoughts?

Thanks,
Bill

On Sep 24, 2005, at 12:57 PM, Jonathan De Graeve wrote:

Use responder only and fill in initiator id

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be

-----Oorspronkelijk bericht-----
Van: Bill Eccles [mailto:Bill dot lists at eccles dot net]
Verzonden: zaterdag 24 september 2005 18:27
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: [m0n0wall] FQDNs and Remote gateways

Gentleones,

I gotta' little problem here and I hope someone can help me out.
Section 6.5 of the manual doesn't even mention the Remote gateway
field of the VPN>IPsec page, and I really, really want to use a FQDN
here instead of IP address, but m0n0wall gripes about needing an IP
address. And why? Because static IP addresses are getting more and
more difficult to find and I'm really starting to rely on the
wonderful services of the folks at DynDNS.org.

Now, I realize I can use a mobile client on one firewall and use a
static IP address for the other end, but that doesn't work when we
have two dynamic IP addresses that must be connected.

I'm using v1.11 of m0n0wall and, this niggle aside, am completely
impressed with the quality, look and feel of this system. I can't
wait until I can deploy it to replace my LinkSys BEFSX41s. But until
I can use FQDNs at both ends of a tunnel, I'm SOL.

Any thoughts? Hacks? Tricks?

Thanks,
Bill


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch








---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch