Date: Fri, 12 Jul 2002 18:31:43 +0900 From: "Dizzy" <guest@dizzy-online.org> To: "chris scott" <chris.scott@uk.tiscali.com>, <freebsd-questions@FreeBSD.ORG>, <freebsd-security@FreeBSD.ORG> Subject: Re: Raccon and dynamic IPs Message-ID: <20020712183143.M7997@dizzy-online.org> In-Reply-To: <019701c229bb$6e2e0c90$a4102c0a@viper> References: <019701c229bb$6e2e0c90$a4102c0a@viper>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, you can use anonymous into remote and sainfo sections. setup remote with my_identifier user_fqdn "anonymous@dev.null" and pre_shared_key with anonymous@dev.null your_secret Maybe you prefer certificate for authentication ? good luck -- dizzy ---------- Original Message ----------- From: "chris scott" <chris.scott@uk.tiscali.com> To: <freebsd-questions@FreeBSD.ORG>, <freebsd-security@FreeBSD.ORG> Sent: Fri, 12 Jul 2002 16:47:30 +0100 Subject: Raccon and dynamic IPs > Hi, > > I have currently setup a vpn between my dsl box at home and one at > work. I basically encrypt all gif tunnel traffic between the two > boxes and use racoon to do the key exchange. It al works fairly > well. However my box at home has a dynamic IP and this is where the > problems start. I have got they system to cope with a few shell > scripts and remote ssh commands, but it is messy and rather cludgy. > What I really want to do is to configure racoon to use a default key > to initiate all key exchanges unless the host is otherwise > specified. However as far as I can see racoon cant cope with > wildcards or netblock notation. Am I correct in thinking this as all > the docs on raccoon are fairly sparse. What I would really like to > do is maybe use my dynamic host name or specify the ip range my dsl > connects in. Is this possible? I'm not to keen on explicitly > specifying every ip in the range I'm assigned as it is rather a > large one, although it would work. > > maybe something like this > > 1.2.3.4/16 secret > or > > 5.6.7.8/255.255.128.0 secret > > or > > * secret > > etc > > regards > > Chris Scott > MK NOC > > 0845 6684000 > > IMPORTANT NOTICE: > This email may be confidential, may be legally privileged, and is > for the intended recipient only. Access, disclosure, copying, > distribution, or reliance on any of it by anyone else is prohibited > and may be a criminal offence. Please delete if obtained in error > and email confirmation to the sender. ------- End of Original Message ------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020712183143.M7997>