On Fri, 17 May 2002, Barry Irwin wrote:
> B [client] - {internet} - [vpngw] - [server]
It would be a tunnel like B. The "[vpngw]" on the client side is software
running on the client. The "[vpngw]" on the other side is a contivity
switch. I'm trying to reach servers on the other side of the contivity.
> On the case of dynamic IP's have a look at the "generate policy on;"
> statement in racoon.conf. However you either need to authenticte using
> aggressive mode ( in which case you can provide a username or somethign else
> to look up against the password) or main mode using certificates.
I'm pretty confident about racoon configuration. spdadd (seems to)
require(s) fixed tunnel endpoints before I can start racoon, and that's
the mystery.
When I have a spare moment (not this week) I'll futz with spdadd and see
if giving bogus values to spdadd to start and then using generate policy
on; will work.
Thanks for the replies!
- Matt
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
