Just use a recent snapshot. Support for names instead of ip addresses has been added, mh, at least a year ago.
HJ. On Tue, Sep 04, 2007 at 12:32:55PM +0200, * VLGroup Forums wrote: > Hello everyone, > > I have several VPN tunnels between OBSD 3.8 systems (LAN to LAN via > VPN). These all have fixed IP addresses and all works > fine :-) . However, now I have a OBSD 3.8 system that gets a Dynamic IP > address. I mapped that address to a hostname using DynDNS.org > Using ipcheck.py (a python program) it keeps the DynDns.org DNS servers > up-to-date when a IP change occurs. So far, so good. > > I was hoping to " simply " use the DynDns host name in the IPSEC.CONF > file, but that doesnt seem to work :-(( . > For this mail I changed the name to "remote5.dyndns.org". The "real" > name pings ok can Ii can use it to SSH into the machine. > > # > # IPSEC to remote location 5 > # Active host, remote location is passive > # > ike esp from 172.17.0.0/16 to 192.168.76.0/22 peer remote5.dyndns.org > ike esp from <openbsd ip> to 192.168.76.0/22 peer remote5.dyndns.org > ike esp from <openbsd ip> to remote5.dyndns.org > > Note the "remote5.dyndns.org" instead of a IP address. > > When I load this config file I get : > > # ipsecctl -f /etc/ipsec.conf > > /etc/ipsec.conf: 46: could not parse host specification > /etc/ipsec.conf: 47: could not parse host specification > /etc/ipsec.conf: 48: could not parse host specification > ipsecctl: Syntax error in config file: ipsec rules not loaded > > How to get around this, that is, get the host named 'parsed' inside the > ipsec.conf file towards the > correct IP address ? > > regards > Wiljoh