On Thu, Aug 22, 2002 at 01:57:32AM +0200, R?mi Letot wrote: > Hi all, > > I'd like to setup a VPN between two hosts on cable connection. The > problem is that they have dynamic ip's, and none of the two sides is > permanently up (most of the time they are up, but it's not guaranteed > at all). Furthermore, I can't be sure of which one will come up first > when they are down (or one of them is down). > > So the solution must be completely flexible regarding which end is a > "server", or which side is "calling" the other. > > On the plus side, I can register them to a dynamic dns service, and I > could hack a setup using vtund. My problem is that it'sreally a hack, > and I'd like a cleaner and more robust solution. > > Is there one ? > Ty,
I can't remember, but does FreeSwan support specifying connections with domain names? You would have to use RSA key authentication to make it work, as the connection is coming in on a 0.0.0.0 address specification (as it is going to be dynamic). I guess you would need to write some sort of cron script that would periodically try and establish the connection. You might have to go as far as dynamically generating a config file and restarting freeswan. (If you were going to use freeswan). If you work out a solution, I would be interested in knowing. There is a chance that I might have to implement something similar in a few months. Cheers Geoff
