[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: isakmpd: unknown id type user_fqdn

To: misc@openbsd.org
Subject: Re: isakmpd: unknown id type user_fqdn
From: Hanspeter Roth <hanspeter_roth@hotmail.com>
Date: Sun, 9 Jun 2002 20:20:03 +0200
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <20020608201120.A9446@snoopy.there> <Pine.GSO.4.40.0206090125060.29115-100000@spitfire.crt.se>
User-Agent: Mutt/1.2.5.1i

  On Jun 09 at 01:34, Hakan Olsson spoke:

> 
> Ok, but note that Default-phase-1-ID is used for X509 certificate
> authentication, while you are using shared-key auth (the Authentication=
> field).

So where do I put the USER_FQDN? (At least it is known in the
manpage.)

> Yes, you still need a local ID for the VPN. Think "what's the local IP/net
> on this side of the tunnel".
> 
> If you plan to go to a setup where the "Road-Warrior" uses a dynamic
> address, your entire config file can probably look just like this
> eventually:

Sorry. I should have told you the Road-Warrior is OpenBsd with
isakmpd. The Road-Warrior has no net behind it. It should run in a
host-net environment. It's ID is expected to be a USER_FQDN. The ID
of the IPsec-peer is a ip4 address.
Is it possible with OpenBsd isakmpd to have an ID of type USER_FQDN?

-Hanspeter

Follow-Ups:
- Re: isakmpd: unknown id type user_fqdn
  - From: Hakan Olsson <ho@crt.se>

References:
- Re: isakmpd: unknown id type user_fqdn
  - From: Hanspeter Roth <hanspeter_roth@hotmail.com>
- Re: isakmpd: unknown id type user_fqdn
  - From: Hakan Olsson <ho@crt.se>

Prev by Date: Cable modem network setup recommendations
Next by Date: bug or feature? rmuser leaves /etc/ptmp file
Prev by thread: Re: isakmpd: unknown id type user_fqdn
Next by thread: Re: isakmpd: unknown id type user_fqdn
Index(es):
- Date
- Thread