IPSec tunnel and dinamic IP
-
If you can turn this into GUI code with a checkbox to enable dynamic ipsec, I will commit.
Send diff's to coreteam@pfsense.com
Thanks for your work so far!
I can do that, a couple of questions for you.
So from a pfsense project perspective the preferred look would be to add a checkbox next to the remote host textbox and when that is checked the input should be a hostname instead of a ip address.
Is a diff against 1.2-RC2 ok?
Any preference on where the cron job script should be stored and how to specify how i want it to run (say every 15 minutes)?
-
I can do that, a couple of questions for you.
So from a pfsense project perspective the preferred look would be to add a checkbox next to the remote host textbox and when that is checked the input should be a hostname instead of a ip address.
Is a diff against 1.2-RC2 ok?
Any preference on where the cron job script should be stored and how to specify how i want it to run (say every 15 minutes)?
#1 Yeah, a checkbox would be fine.
#2 I would prefer a diff against HEAD and RELENG1. This will not make it into 1.2 as we are frozen.
#3 Use minicron which is included. You can tell minicron to launch a script every X minutes. However, we should only launch this minicron process when we detect someone is using a dynamic hostname to avoid unnecessary process startups every 15 minutes when we do not need to. Also, a shell script to deterimine changes in the hostname would be ideal and only invoke php when absolutely needed but I would settle for either.Thanks for your help on this! This should be a great addition for folks.
-
#1 Yeah, a checkbox would be fine.
#2 I would prefer a diff against HEAD and RELENG1. This will not make it into 1.2 as we are frozen.
#3 Use minicron which is included. You can tell minicron to launch a script every X minutes. However, we should only launch this minicron process when we detect someone is using a dynamic hostname to avoid unnecessary process startups every 15 minutes when we do not need to. Also, a shell script to deterimine changes in the hostname would be ideal and only invoke php when absolutely needed but I would settle for either.Thanks for your help on this! This should be a great addition for folks.
Ah! I see movement. I am using script (simple one) for some time now and it is working OK.
This addition with web front end will be much better.Any new development?
Sasa
-
Dyanmic IPSEC support is already in -HEAD and RELENG_1_3; imported from m0n0wall recently.
-
Dyanmic IPSEC support is already in -HEAD and RELENG_1_3; imported from m0n0wall recently.
Cool, no need for the workaround then.
-
Dyanmic IPSEC support is already in -HEAD and RELENG_1_3; imported from m0n0wall recently.
Yupiiiii!!!
This is great news. No nead to write scripts for that any more then.TNX!
-
Dyanmic IPSEC support is already in -HEAD and RELENG_1_3; imported from m0n0wall recently.
And how can I download image with that modifications? I isn't at location usualy allowed to us mortals.
I know that it is in alpha stage (or near that) but I will like to play with. -
We currently do not have images for this. Expect to see some betas/alphas right after 1.2 is released.
-
We currently do not have images for this. Expect to see some betas/alphas right after 1.2 is released.
OK!
TNX for info. -
If a script, or better yet, an update to the web interface would allow this hack to get two dynamic DNS Pfsense boxes to build a IPSEC tunnel, I would be happy to pay a bounty for that.
Robert
-
If a script, or better yet, an update to the web interface would allow this hack to get two dynamic DNS Pfsense boxes to build a IPSEC tunnel, I would be happy to pay a bounty for that.
I don't see any reason why these changes would not work in this case. It might take a minute or two for the other end to come back up, but in theory it should work.
-
I guess there is no plan to backport the m0n0wall update into the 1.2 branch is there?
-
1.2 is frozen.