> I have two Dachstein IPsec gateways in place. One is a static IP, the
> other is Dynamic. I cannot get the VPN up. When I change the ipsecrets
> file to reflect the IP assigned to the Dynamic connection it works! But as
> soon as I specify it as Dynamic it doesn't. When this happens
> /var/log/auth.log says that no preshared key could be found for
> 68.87.38.109 (the dynamically assigned address) and 216.29.35.154 (the
> remote static address). Anyone have any suggestions?

It sounds like IPSec isn't finding the proper secret to use unless the
secret is tagged with the remote IP.  Are you assigning connection IDs in
ipsec.conf?  IPSec will use the IP as a default ID if you don't assign one
manually.  I typically use unresolved names as a connection ID, rather than
IP addresses...they are easier for me to remember (and make sense of).
IIRC, there may also be some limitations on using pre-shared-secrets vs. RSA
signature keys...which are you trying to use?

Try something like:

[EMAIL PROTECTED]
[EMAIL PROTECTED]

in your connection description at both ends...

If that doesn't help, you'll probably have to provide your ipsec.conf and
ipsec.secrets file for inspection (remove/alter any private info from
ipsec.secrets before posting, but keep it otherwise intact).

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)


_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
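
An added example (not part of the original thread, and not FreeS/WAN code): a simplified Python model of how a PSK line in ipsec.secrets is matched against the two connection IDs, showing why an address-indexed entry stops matching once the dynamic address changes while a name-indexed entry keeps matching. The matching rule (no index matches anyone, one index is compared with the local ID, several indices must cover both IDs, `%any`/`0.0.0.0` as wildcards) is an assumption based on the documented index behaviour; the sample file, 192.0.2.10, the @names and all function names are constructed.

```python
import ipaddress
import re

# Constructed sample; line 1 pairs the static address from the thread with a
# stale documentation address, and the @names on line 2 are hypothetical IDs.
SAMPLE_SECRETS = "\n".join([
    '216.29.35.154 192.0.2.10 : PSK "placeholder-one"',
    '@static.example @dynamic.example : PSK "placeholder-two"',
])
WILDCARDS = {"%any", "0.0.0.0"}  # assumption: wildcard indices for IP IDs
ENTRY = re.compile(r'^(.*?)\s*:\s*PSK\s+"')

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def parse_psk_entries(text):
    """Return (line_no, [indices]) for every single-line PSK entry."""
    entries = []
    for line_no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        match = ENTRY.match(line)
        if match and not line.startswith("#"):
            entries.append((line_no, match.group(1).split()))
    return entries

def index_matches(index, ident):
    if index in WILDCARDS:
        return is_ip(ident)  # a wildcard only stands in for address IDs
    return index.lower() == ident.lower()

def find_psk_entries(text, local_id, peer_id):
    """Line numbers of PSK entries usable for this local/peer ID pair."""
    hits = []
    for line_no, indices in parse_psk_entries(text):
        if len(indices) < 2:
            # no index matches anyone; one index is checked against local only
            ok = not indices or index_matches(indices[0], local_id)
        else:
            ok = (any(index_matches(i, local_id) for i in indices)
                  and any(index_matches(i, peer_id) for i in indices))
        if ok:
            hits.append(line_no)
    return hits

if __name__ == "__main__":
    print(find_psk_entries(SAMPLE_SECRETS, "216.29.35.154", "68.87.38.109"))
    print(find_psk_entries(SAMPLE_SECRETS, "@static.example", "@dynamic.example"))
```

Run it against a sanitized copy of each gateway's ipsec.secrets with the ID pair reported in auth.log; an empty result corresponds to the "no preshared key could be found" condition.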