[ previous ] [ next ] [ threads ]
 From:  Wes Morgan <cap10morgan at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  patch: add asn1dn identifier type to IPsec config
 Date:  Fri, 28 Mar 2008 15:42:37 -0600
This patch (which I haven't tested, but would be happy to if someone
can point me to docs on how to build m0n0wall for installation into a
regular PC or VM) adds a new identifier type to the "My identifier"
option when setting up IPsec tunnels. It's called "asn1dn" and it is
required to use RSA certs to connect to Openswan IPsec peers. This is
a much more secure configuration than PSKs, so it would be good to
support it.

Here's a message to the mailing list from 2005 requesting the same
thing (and also showing the nature of the problem): http://m0n0.ch/wall/list/showmsg.php?id=206/25

This is diff'ed against branches/freebsd6. Any chance this can go into
the next beta of 1.3? I'd be happy to test it on a production box then.


Wes Morgan
asn1dn.patch (3.8 KB, application/octet-stream)