Re: VPN between 2 dynamic ip's ?

[Geoff Crompton <geoff.crompton@bjhcontrols.com.au>]

On Thu, Aug 22, 2002 at 01:57:32AM +0200, R?mi Letot wrote:
> Hi all,
> 
> I'd like to setup a VPN between two hosts on cable connection. The
> problem is that they have dynamic ip's, and none of the two sides is
> permanently up (most of the time they are up, but it's not guaranteed
> at all). Furthermore, I can't be sure of which one will come up first
> when they are down (or one of them is down).
> 
> So the solution must be completely flexible regarding which end is a
> "server", or which side is "calling" the other.
> 
> On the plus side, I can register them to a dynamic dns service, and I
> could hack a setup using vtund. My problem is that it'sreally a hack,
> and I'd like a cleaner and more robust solution.
> 
> Is there one ?
> Ty,

  I can't remember, but does FreeSwan support specifying connections
  with domain names? You would have to use RSA key authentication to
  make it work, as the connection is coming in on a 0.0.0.0 address
  specification (as it is going to be dynamic). I guess you would need
  to write some sort of cron script that would periodically try and
  establish the connection. You might have to go as far as dynamically
  generating a config file and restarting freeswan. (If you were going
  to use freeswan).

  If you work out a solution, I would be interested in knowing. There is
  a chance that I might have to implement something similar in a few
  months.

  Cheers

  Geoff