My routers have a dynamic DNS - IPSec problem.
My m0n0wall 1.32 embedded (on Alix 2) router called 'tokyo.mynet.com'
correctly forwards over an IPSec tunnel to 'madrid.mynet.com'.
tokyo.mynet.com is correctly updating the master DNS server for
mynet.com with a dynamic IP address which changes every day.
madrid.mynet.com has a static IP address.
After the IP address for tokyo.mynet.com changes, everything
continues to perform normally; however, IPSec fails.
Looking at diag_ipsec_spd.php and diag_ipsec_spd.php on
tokyo.mynet.com, everything looks good. Entries in SAD are torn
down when unused, and entries in SPD always contain the current
(correct) IP address.
On the remote (static) router madrid.mynet.com, I see that the
SAD entries are never torn down and the SPD entries contain the
old IP address for tokyo.mynet.com.
I've already activated dead peer detection (DPD). What else do
I need to do to get this working?