Date: Thu, 16 May 2002 09:30:58 -0700 (PDT) From: Matthew Zahorik <matt@hottub.org> To: freebsd-net@freebsd.org Subject: IPsec and dynamically assigned IPs Message-ID: <Pine.GSO.4.40.0205160858030.10618-100000@hottub>
next in thread | raw e-mail | index | archive | help
All: I am unclear regarding spdadd arguments and my VPN setup. I'm attempting to replace Nortel's Contivity Extranet Client on Windows with a racoon/ipsec solution. I'm unsure if this is a "tunnel" or "transport" connection. I contact a fixed server at 205.173.93.x. This is a contivity switch. My client is an IP address assigned by RoadRunner. During IKE (user w/ SecureID hard token, aggressive mode) another IP address is assigned (3.179.89.x) by the contivity. How do I express this in spdadd so that I can fire off racoon? [client] 66.67.157.x (RoadRunner IP, dynamic, known at spdadd time) | [tunnel? endpoint] 3.179.89.x (dynamic, assigned during/after IKE) | { Internet } | [tunnel? endpoint] ?.?.?.? (fixed, traceroute shows 3.179.68.x 1st hop) | [server] 205.173.93.x (fixed, known at spdadd time) Thanks! - Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.40.0205160858030.10618-100000>