[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Marc Bucher <marc dot bucher at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Missing Dynamic IPSec Feature
 Date:  Wed, 01 Feb 2006 19:53:30 +0100
On 01.02.06 19:06 +0100, Marc Bucher wrote:

> The m0n0wall works great! Easy to configure and many features. But
> one thing, we miss it. 
> That would be IPSec Support with dynamic IP Adresses.
> I saw, you have implement it in a previous Release of m0n0wall:
> http://www.m0n0.ch/wall/list/showmsg.php?id=4/82

That post refers to supporting IPsec where the local m0n0wall's WAN
IP address is dynamic - not the remote end of a tunnel - whereas
you're probably looking for the latter. In the past, that
configuration wasn't possible (without some ugly hacks) with KAME
racoon. Things look different with ipsec-tools racoon (which we're
using since 1.21), so it might be possible now, but I haven't checked
yet. Any racoon.conf wizards out there?

- Manuel