This patch (which I haven't tested, but would be happy to if someone
can point me to docs on how to build m0n0wall for installation into a
regular PC or VM) adds a new identifier type to the "My identifier"
option when setting up IPsec tunnels. It's called "asn1dn" and it is
required to use RSA certs to connect to Openswan IPsec peers. This is
a much more secure configuration than PSKs, so it would be good to
Here's a message to the mailing list from 2005 requesting the same
thing (and also showing the nature of the problem): http://m0n0.ch/wall/list/showmsg.php?id=206/25
This is diff'ed against branches/freebsd6. Any chance this can go into
the next beta of 1.3? I'd be happy to test it on a production box then.