Re: [Ipsec-tools-devel] SPD kernel policy - trigger connection as roadwarrior
Brought to you by:
mit_warlord,
netbsd
From: Stefan B. <ste...@cu...> - 2010-08-25 16:16:59
|
I thought generate_policy should/can only be used on the passive (serverside)? I want to establish the connection by the roadwarrior onky by pinging the remote lan. -original message- Subject: Re: [Ipsec-tools-devel] SPD kernel policy - trigger connection as roadwarrior From: VANHULLEBUS Yvan <va...@fr...> Date: 25/08/2010 5:16 pm On Wed, Aug 25, 2010 at 08:28:35AM +0200, Stefan Bauer wrote: > Hi folks, Hi. > i want to associate a connection from the roadwarrior to the vpn-gateway > (both is ipsec-tools/racoon) on demand - like when the roadwarrior is > trying to access the fileserver on the same machine as the > vpn-concentrator (192.168.5.1) > > I only have seen examples for setkey when both sides have independent > networks like in a site-to-site setup. is this possible for roadwarrior > cases as well? For such setups, don't generate static SPD entries, and use the "generate_policy" config option in racoon.conf's remote section. |