On 01.02.06 19:06 +0100, Marc Bucher wrote:
> The m0n0wall works great! Easy to configure and many features. But
> one thing, we miss it.
> That would be IPSec Support with dynamic IP Adresses.
> I saw, you have implement it in a previous Release of m0n0wall:
That post refers to supporting IPsec where the local m0n0wall's WAN
IP address is dynamic - not the remote end of a tunnel - whereas
you're probably looking for the latter. In the past, that
configuration wasn't possible (without some ugly hacks) with KAME
racoon. Things look different with ipsec-tools racoon (which we're
using since 1.21), so it might be possible now, but I haven't checked
yet. Any racoon.conf wizards out there?