IPSEC.CONF with Dynamic IP address (parse HOST name) doesn't seem to work

2007-09-04 Thread * VLGroup Forums
Hello everyone,

I have several VPN tunnels between OBSD 3.8 systems (LAN to LAN via
VPN). These all have fixed IP addresses and all work
fine :-). However, now I have an OBSD 3.8 system that gets a dynamic IP
address. I mapped that address to a hostname using DynDNS.org.
Using ipcheck.py (a Python program), it keeps the DynDNS.org DNS servers
up to date when an IP change occurs. So far, so good.

I was hoping to simply use the DynDNS host name in the IPSEC.CONF
file, but that doesn't seem to work :-(( .
For this mail I changed the name to remote5.dyndns.org. The real
name pings OK and I can use it to SSH into the machine.

#
# IPSEC to remote location 5
# Active host, remote location is passive
#
ike esp from 172.17.0.0/16  to 192.168.76.0/22 peer remote5.dyndns.org
ike esp from openbsd ip  to 192.168.76.0/22 peer remote5.dyndns.org
ike esp from openbsd ip  to remote5.dyndns.org

Note the remote5.dyndns.org instead of an IP address.

When I load this config file I get:

# ipsecctl -f /etc/ipsec.conf

/etc/ipsec.conf: 46: could not parse host specification
/etc/ipsec.conf: 47: could not parse host specification
/etc/ipsec.conf: 48: could not parse host specification
ipsecctl: Syntax error in config file: ipsec rules not loaded

How to get around this, that is, get the host name 'parsed' inside the
ipsec.conf file towards the correct IP address?

regards
Wiljoh



Re: IPSEC.CONF with Dynamic IP address (parse HOST name) doesn't seem to work

2007-09-04 Thread Hans-Joerg Hoexer
Just use a recent snapshot.  Support for names instead of IP addresses was
added, mh, at least a year ago.

HJ.

On Tue, Sep 04, 2007 at 12:32:55PM +0200, * VLGroup Forums wrote:
> Hello everyone,
>
> I have several VPN tunnels between OBSD 3.8 systems (LAN to LAN via
> VPN). These all have fixed IP addresses and all work
> fine :-). However, now I have an OBSD 3.8 system that gets a dynamic IP
> address. I mapped that address to a hostname using DynDNS.org.
> Using ipcheck.py (a Python program), it keeps the DynDNS.org DNS servers
> up to date when an IP change occurs. So far, so good.
>
> I was hoping to simply use the DynDNS host name in the IPSEC.CONF
> file, but that doesn't seem to work :-(( .
> For this mail I changed the name to remote5.dyndns.org. The real
> name pings OK and I can use it to SSH into the machine.
>
> #
> # IPSEC to remote location 5
> # Active host, remote location is passive
> #
> ike esp from 172.17.0.0/16  to 192.168.76.0/22 peer remote5.dyndns.org
> ike esp from openbsd ip  to 192.168.76.0/22 peer remote5.dyndns.org
> ike esp from openbsd ip  to remote5.dyndns.org
>
> Note the remote5.dyndns.org instead of an IP address.
>
> When I load this config file I get:
>
> # ipsecctl -f /etc/ipsec.conf
>
> /etc/ipsec.conf: 46: could not parse host specification
> /etc/ipsec.conf: 47: could not parse host specification
> /etc/ipsec.conf: 48: could not parse host specification
> ipsecctl: Syntax error in config file: ipsec rules not loaded
>
> How to get around this, that is, get the host name 'parsed' inside the
> ipsec.conf file towards the correct IP address?
>
> regards
> Wiljoh
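
For an ipsecctl that only accepts numeric peers, one workaround is to resolve the DynDNS name outside ipsec.conf and render the file from a template. This is an added example, not part of the original thread: it refuses anything that is not an IPv4 literal and lets `ipsecctl -n` check the rendered file before `ipsecctl -f` loads it. The template file, the `@PEER@` token, the function names and the `host` output format are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: a template file holding the
# literal token @PEER@ where the post wrote remote5.dyndns.org, the function
# names, and host(1) printing "<name> has address <ip>".

# Succeed only for a dotted-quad IPv4 literal with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# First A record for a name, or empty output if the lookup fails.
resolve_peer() {
    host -t a "$1" 2>/dev/null | awk '/has address/ { print $4; exit }'
}

# Print the template with @PEER@ replaced. Anything that is not an IPv4
# literal is refused, so a malformed DNS answer never becomes config text.
render_conf() {
    is_ipv4 "$2" || { echo "refusing peer address '$2'" >&2; return 1; }
    sed "s/@PEER@/$2/g" "$1"
}

# Resolve, render, syntax-check with ipsecctl -n, and reload only on change.
# Whether rules for the old address must be flushed first is not handled here.
update_tunnel() {
    name=$1 template=$2 conf=$3
    ip=$(resolve_peer "$name")
    tmp=$(mktemp /tmp/ipsec.conf.XXXXXX) || return 1
    if render_conf "$template" "$ip" > "$tmp" && ipsecctl -n -f "$tmp"; then
        if ! cmp -s "$tmp" "$conf"; then
            cat "$tmp" > "$conf" && ipsecctl -f "$conf"
        fi
    else
        echo "peer $name: config not updated" >&2
    fi
    rm -f "$tmp"
}

# From cron: script --apply remote5.dyndns.org /etc/ipsec.conf.in /etc/ipsec.conf
if [ "${1:-}" = "--apply" ]; then update_tunnel "$2" "$3" "$4"; fi
```

The rendered address is only as trustworthy as the DNS answer behind it, so the IKE authentication configured for the peer remains the actual identity check.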