dynamic IPSEC: Holy grail sighted
Michael Kreykenbohm
mkj1 at wkcorp.com
Fri Oct 1 08:21:04 PDT 2004
I have a router/ FreeBSd with a network on the other side with a Dynamic IP.
At the other end is a static IP router/ FreeBsd box.
I was using a manually keyed encryption,
now I have the racoon to do the key negotiation.
I can change the static gif0 interfaces at the VPn dynamic router using the
dhclient-exit-loop.
But what about the server gif0 interface. The gif0 tunnel attributes want
the
VPN's router address, and I would need an "exit-hook" from racoon to set
this up,
more then just setting the SPD keys.
Any idea where to latch that from. I'v though about watchdogs (check the SPD
keys),
but is there a better way.
Michael Kreykenbohm
More information about the freebsd-questions
mailing list