Re: [Ipsec-tools-devel] xauth_psk_* patch
Brought to you by:
mit_warlord,
netbsd
Menu
▾
▴
Re: [Ipsec-tools-devel] xauth_psk_* patch
|
From: F. S. <fre...@la...> - 2005-02-14 19:29:14
|
Monday, February 14, 2005, 6:53:05 PM, you wrote:
> Hi Fred,
> As Cisco normally gives us all the remote
> networks (SPLIT_INCLUDE environment variable), it would be nice if one
> could somehow establish the connection without knowing any remote network.
> Is that something that's possible or planned?
You need to set-up a phase1_up script using those environment
variables, and it'll work. I should have written the scripts, but I
didn't have time. Now, if you want to do it, I think it should work
like this :
- start from the src/racoon/samples/roadwarrior/client/phase1-up.sh
script
- if the env variable "SPLIT_INCLUDE" is set :
- do not change the default route
- split $SPLIT_INCLUDE on spaces, then on slashes, and create the
routes based on it (based on the current code)
- if the env variable "SPLIT_LOCAL" is set :
- leave the default route change code
- split $SPLIT_LOCAL on spaces, then on slashes, and create routes
based on it using the machine's default gateway and interface
If you manage something useable, let me know.
Fred
--
De l'os après la chair De l'acide au rabais Jusqu'à en faire pourrir
Les derniers noyaux frais Qui recréera la base Qui reconstruira l'pont
Qui saura déchirer Le ciment sous les plaines Hosanna, Hosanna
Et en route pour la joie (Noir Désir, En route pour la joie)
|