[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: isakmpd: unknown id type user_fqdn

To: misc@openbsd.org
Subject: Re: isakmpd: unknown id type user_fqdn
From: Martin Schmachtel <schmadde@syscall.de>
Date: Mon, 10 Jun 2002 00:10:39 +0200
Content-Disposition: inline
Mail-Followup-To: Martin Schmachtel <schmadde@syscall.de>,misc@openbsd.org
References: <20020609202003.A840@gicco.cablecom.ch> <Pine.GSO.4.40.0206092316170.1241-100000@spitfire.crt.se>
User-Agent: Mutt/1.3.27i

Hakan Olsson schrob:
 
> One could argue that isakmpd should automatically translate a FQDN to an
> address for a Phase 2 ID, but this is currently not done. I don't really
> see a good reason why we should either.

Well, it would still be ID-type IPV{4,6}_ADDR then, right? But I think, 
especially in a road-warrior-type scenario (with isakmpd running on 
the road-warrior-box) it would make sense to be able to specify a hostname 
in an "Address" tag. After all, dynamic IP-addresses are very common in
this kind of scenario. In Phase 1 you can leave out "Local-Address",
so dynamic IPs are not a problem, if I remember correctly. 

But how do you specify Local-ID in a road-warrior (host-to-net) setup? I 
have not tried yet, but I think you cannot just leave it out. And 
rewriting isakmpd.conf on every address change isn't exactly elegant 
either.

ciaole
schmadde

Follow-Ups:
- Re: isakmpd: unknown id type user_fqdn
  - From: Hanspeter Roth <hanspeter_roth@hotmail.com>

References:
- Re: isakmpd: unknown id type user_fqdn
  - From: Hanspeter Roth <hanspeter_roth@hotmail.com>
- Re: isakmpd: unknown id type user_fqdn
  - From: Hakan Olsson <ho@crt.se>

Prev by Date: Re: isakmpd: unknown id type user_fqdn
Next by Date: so you want to run current?
Prev by thread: Re: isakmpd: unknown id type user_fqdn
Next by thread: Re: isakmpd: unknown id type user_fqdn
Index(es):
- Date
- Thread