Freeswan will resolve domain names for outgoing connections, when a connection is received, it doesn't use the left/right entry for figuring out who is connecting. It will use the leftid/rightid to determine who is connecting (AFAIK). I've setup this type of config with static/dynamic static/static and dynamic/dynamic
Hope that helps On Thu, 2002-08-22 at 19:42, Geoff Crompton wrote: > On Thu, Aug 22, 2002 at 03:00:59PM -0400, Sean McAvoy wrote: > > Hello, > > I've successfully configured site to site VPN connections using > > FreeSwan, RSA keys, and using our own Dynamic DNS server (gnudip). It's > > a straight forward tunnel connection. Couple of points > > left= and right= should be FQDNs, also uniqueids = yes is important, it > > drops the old connection if a new one is authenicated and initializing. > > And one final one, Dead peer detection should be enabled, if you are > > using a patched version of freeswan, as I don't believe the Debian > > (woody) package contains that patch (though it does add AES, and x.509 > > certificate support). > > Were both ends dynamic IP addresses? And freeswan automatically looks > up the domain names upon reconnections? > > Thanks for clarifying > > Geoff > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Sean McAvoy Network Analyst Megawheels Technologies Inc. Phone: 416.360.8211 Fax: 416.360.1403 Cell: 416.616.6599
