From owner-freebsd-questions Fri Jul 12 10:53:15 2002
From: "Dizzy"
To: "chris scott"
Subject: Re: Raccon and dynamic IPs
Date: Fri, 12 Jul 2002 18:31:43 +0900
Message-Id: <20020712183143.M7997@dizzy-online.org>
In-Reply-To: <019701c229bb$6e2e0c90$a4102c0a@viper>
References: <019701c229bb$6e2e0c90$a4102c0a@viper>

Hi,

You can use anonymous in the remote and sainfo sections.

Set up remote with
my_identifier user_fqdn "anonymous@dev.null"

and pre_shared_key with
anonymous@dev.null your_secret

Maybe you prefer certificates for authentication?

Good luck
--
dizzy

---------- Original Message -----------
From: "chris scott"
Sent: Fri, 12 Jul 2002 16:47:30 +0100
Subject: Raccon and dynamic IPs

> Hi,
>
> I have currently set up a VPN between my DSL box at home and one at
> work. I basically encrypt all gif tunnel traffic between the two
> boxes and use racoon to do the key exchange. It all works fairly
> well. However, my box at home has a dynamic IP and this is where the
> problems start. I have got the system to cope with a few shell
> scripts and remote ssh commands, but it is messy and rather kludgy.
> What I really want to do is to configure racoon to use a default key
> to initiate all key exchanges unless the host is otherwise
> specified. However, as far as I can see racoon can't cope with
> wildcards or netblock notation. Am I correct in thinking this, as all
> the docs on racoon are fairly sparse? What I would really like to
> do is maybe use my dynamic host name or specify the IP range my DSL
> connects in. Is this possible? I'm not too keen on explicitly
> specifying every IP in the range I'm assigned as it is rather a
> large one, although it would work.
>
> maybe something like this
>
> 1.2.3.4/16 secret
> or
>
> 5.6.7.8/255.255.128.0 secret
>
> or
>
> * secret
>
> etc
>
> regards
>
> Chris Scott
> MK NOC
>
> 0845 6684000

------- End of Original Message -------
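The setup suggested in the reply, written out as a racoon.conf and psk.txt fragment. This is an added example, not part of the original message; the file paths, algorithms, DH groups and lifetimes are assumptions chosen for illustration. It also assumes aggressive mode, because in IKE main mode with pre-shared keys the key is selected by the peer's address before its identity can be read, which is exactly what a dynamic IP breaks.

```conf
# --- racoon.conf (assumed location: /usr/local/etc/racoon/racoon.conf) ---

# Assumed path to the pre-shared key file; keep it owner-readable only
# (chmod 600), since it holds the secret in clear text.
path pre_shared_key "/usr/local/etc/racoon/psk.txt";

# "anonymous" matches any peer address, so no per-IP entry is needed
# for the host whose address changes.
remote anonymous
{
        # Aggressive mode sends the identity in the clear, which lets the
        # other side pick the key by identifier instead of by IP address.
        exchange_mode aggressive;

        # Identifier from the reply. The peer looks up the secret
        # under this string.
        my_identifier user_fqdn "anonymous@dev.null";

        lifetime time 24 hour;          # assumed value

        proposal {
                encryption_algorithm 3des;              # assumed
                hash_algorithm sha1;                    # assumed
                authentication_method pre_shared_key;
                dh_group 2;                             # assumed
        }
}

# Phase 2 parameters for any pair of endpoints negotiated above.
sainfo anonymous
{
        pfs_group 2;                                    # assumed
        lifetime time 1 hour;                           # assumed
        encryption_algorithm 3des;                      # assumed
        authentication_algorithm hmac_sha1;             # assumed
        compression_algorithm deflate;
}

# --- psk.txt (one "identifier secret" pair per line) ---
# The key is indexed by the user_fqdn identifier, not by an IP address.
# "your_secret" is the placeholder from the reply; use a long random value,
# because aggressive mode exposes a hash derived from the secret.
anonymous@dev.null      your_secret
```

Certificate authentication, which the reply also mentions, avoids the shared secret altogether and does not depend on the peer's address either.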