I have a couple of questions regarding setting up ipsec.
I've read the "4 minutes" page and modified the older setup to work
with 2 OpenBSD 4.5 boxes. That's enough to get me going with an IPsec
tunnel by IP addresses but one side of my connection is a consumer
grade DSL line which wants to have it's address changed every 5
minutes (sigh). I obviously need to setup ipsec with FQDN. I initially
tried to do this with certificates but I couldn't get things to work
so I've rolled back to using public keys and everything appears to be
okay.
My question is this: When you use certficates does isakmpd still use
/etc/isakmpd/private/local.key
as the private key for the crypto negotiation or can that be changed.
-- Chris
Chris Hilton tildeChris -- http://myblog.vindaloo.com
email -- chris/at/vindaloo/
dot/com
.~
~
.--.~
~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.
"I'm on the outside looking inside, What do
I see?
Much confusion, disillution, all
around me."
-- Ian McDonald / Peter
Sinfield
