From owner-freebsd-questions@FreeBSD.ORG Fri Oct 1 15:21:03 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3C3616A4CE for ; Fri, 1 Oct 2004 15:21:03 +0000 (GMT) Received: from webmail.wkcorp.com (webgate.wkcorp.com [142.179.95.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id A315343D53 for ; Fri, 1 Oct 2004 15:20:59 +0000 (GMT) (envelope-from mkj1@wkcorp.com) Received: from BILLLAPTOP (d66-183-67-167.bchsia.telus.net [66.183.67.167]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by webmail.wkcorp.com (Postfix) with ESMTP id 700EA33FCB for ; Fri, 1 Oct 2004 08:20:56 -0700 (PDT) From: "Michael Kreykenbohm" To: Date: Fri, 1 Oct 2004 08:23:53 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: dynamic IPSEC: Holy grail sighted X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Oct 2004 15:21:04 -0000 I have a router/ FreeBSd with a network on the other side with a Dynamic IP. At the other end is a static IP router/ FreeBsd box. I was using a manually keyed encryption, now I have the racoon to do the key negotiation. I can change the static gif0 interfaces at the VPn dynamic router using the dhclient-exit-loop. But what about the server gif0 interface. The gif0 tunnel attributes want the VPN's router address, and I would need an "exit-hook" from racoon to set this up, more then just setting the SPD keys. Any idea where to latch that from. I'v though about watchdogs (check the SPD keys), but is there a better way. Michael Kreykenbohm