Picking up an offline conversation... We currently have the "$VPN" variable in /etc/rc.conf just as we do for the firewall selection...
Not sure that it's appropriate in the former case. With a firewall, you really only need 0 or 1. But with VPN, you can have mix & match of both VPN-over-IPsec and VPN-over-SSL (and conceivably VPN-over-L2TP and VPN-over-PPTP and VPN-over-carrier pigeons and ...) ... well, basically as many instances and varieties of VPN as are useful to support all the peering combinations that users might have. Lonnie thinks that setting VPN to "ipsec", "openvpn", or "" simplifies management. I think this is an unnecessary constraint on how VPN gets used, and we should try to make it as flexible as reasonable. Anyone else want to contribute their thoughts? Thanks, -Philip Philip Prindeville wrote: > I'll look into it. > > -Philip > > > Justin Coffi wrote: > >> I got a nasty error using the built in racoon config in rc.conf using >> the astlinux-0.6-1934-via.tar.gz image. >> >> 09-10-2008 19:50:06 Daemon.Info 192.168.XX.XX racoon: >> ERROR: /tmp/etc/racoon.conf:8: "sec" NAT-T support not compiled in. >> >> >> >> Philip Prindeville wrote: >> >>> Not even necessary. >>> >>> You can run racoon with an alternate config file, as: >>> >>> racoon -f /etc/racoon2.conf >>> >>> for instance. >>> >>> >>> Justin Coffi wrote: >>> >>> >>>> I'd like to use racoon as a client (as in Client <---> Server) in VPN >>>> connections. Can I, in theory, just remove the link to it in /etc/ and >>>> replace it with a real racoon.conf file located at /mnt/kd/racoon.conf ? >>>> >>>> >>>> >>>>> >>>>> >>>>> >>>>> >>> >>> ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [EMAIL PROTECTED]
