Re: VPN between 2 dynamic ip's ?

To: R?mi Letot <hobbes@easynet.be>
Cc: debian-security@lists.debian.org
Subject: Re: VPN between 2 dynamic ip's ?
From: Phillip Hofmeister <plhofmei@zionlth.org>
Date: Wed, 21 Aug 2002 21:33:02 -0400
Message-id: <[🔎] 20020822013302.GA511@zionlth.org>
Mail-followup-to: R?mi Letot <hobbes@easynet.be>, debian-security@lists.debian.org
In-reply-to: <[🔎] 87ofbvydcj.fsf@easynet.be>
References: <[🔎] 87ofbvydcj.fsf@easynet.be>

Greets,

On Thu, 22 Aug 2002 at 01:57:32AM +0200, R?mi Letot wrote:
> I'd like to setup a VPN between two hosts on cable connection. The
> problem is that they have dynamic ip's, and none of the two sides is
> permanently up (most of the time they are up, but it's not guaranteed
> at all). Furthermore, I can't be sure of which one will come up first
> when they are down (or one of them is down).
> 
> So the solution must be completely flexible regarding which end is a
> "server", or which side is "calling" the other.
> 
> On the plus side, I can register them to a dynamic dns service, and I
> could hack a setup using vtund. My problem is that it'sreally a hack,
> and I'd like a cleaner and more robust solution.
> 
> Is there one ?
Yes, stick the IPs in on each end.  If an IP changes, so what?  I am assuming
you are using freeswan w/ key authentication...
The person that has the IP you are trying to connect to will not have the key
if it is the incorrect box.  AFA which should connect first, have them both
contact each other.  DNS would probably be your best bet though...

-- 
Phil

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import

Reply to:

References:
- VPN between 2 dynamic ip's ?
  - From: hobbes@easynet.be (Rémi Letot)

Prev by Date: Re: VPN between 2 dynamic ip's ?
Next by Date: Re: IPSec VPN and Watchguard Firebox 2
Previous by thread: Re: VPN between 2 dynamic ip's ?
Next by thread: Re: VPN between 2 dynamic ip's ?
Index(es):
- Date
- Thread