Date: Thu, 16 May 2002 09:30:58 -0700 (PDT) From: Matthew Zahorik <matt@hottub.org> To: freebsd-net@freebsd.org Subject: IPsec and dynamically assigned IPs Message-ID: <Pine.GSO.4.40.0205160858030.10618-100000@hottub>
next in thread | raw e-mail | index | archive | help
All:
I am unclear regarding spdadd arguments and my VPN setup.
I'm attempting to replace Nortel's Contivity Extranet Client on Windows
with a racoon/ipsec solution.
I'm unsure if this is a "tunnel" or "transport" connection.
I contact a fixed server at 205.173.93.x. This is a contivity switch.
My client is an IP address assigned by RoadRunner.
During IKE (user w/ SecureID hard token, aggressive mode) another IP
address is assigned (3.179.89.x) by the contivity.
How do I express this in spdadd so that I can fire off racoon?
[client] 66.67.157.x (RoadRunner IP, dynamic, known at spdadd time)
|
[tunnel? endpoint] 3.179.89.x (dynamic, assigned during/after IKE)
|
{ Internet }
|
[tunnel? endpoint] ?.?.?.? (fixed, traceroute shows 3.179.68.x 1st hop)
|
[server] 205.173.93.x (fixed, known at spdadd time)
Thanks!
- Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.40.0205160858030.10618-100000>