aggressive mode VPN under OpenBSD
Niels Provos
provos at CITI.UMICH.EDU
Fri Jun 2 20:42:19 EDT 2000
In message <Pine.BSO.4.20.0006021012380.13951-100000 at mailgate.netsec.net>, matt
hew patton writes:
>aggressive mode configuration I've seen doesn't use dynamic IP's and
>further, recent isakmpd's reject the phase1 section because it's
>missing the "Authentication=" section. So does anybody out there have a
>working isakmpd.conf file that uses dynamic IP clients AND aggressive
>mode?
In aggressive mode you can deal with dynamic IPs by using either
USER_FQDN or FQDN IDs. You can leave out the Authtenication= entry in
the default section, and put a different authenication key into each
ID section.
Niels.
VPN is sponsored by SecurityFocus.COM
More information about the VPN
mailing list