IPSec Tunnel StaticIP_R1->DynamicIP_R2 with 2.1_RC0 possible ?



  • Hello,

    I just want to get the latest status about the IPSec support in 2.1_RC0.

    I have several "normal" tunnels, both IPv4 and IPv6 up and running on Static->Static routers
    but is now faced with a problem that I need to connect to a pfSense router that is not allowed to get
    staticIPs and would like to avoid the "Mobile Client/Roadwarrior" setup as I still wants to tunnel
    the other ends internal net.

    Is it possible to setup an IPSec Tunnel StaticIP_Router1 -> DynamicIP_Router2 using other PeerIdentifier type than IP
    and using a DynamicIP hostname in the "Remote gateway" entry?

    If course, there could be temporary problems if R2 is forced to change IP and the tunnel will go down
    temporary until it could re-initialize (the Dynamic IP hostname updates to new IP and the cached is thrown from DNS-cache
    and tunnel inits again) but we could live with that.

    I have seen other routers having this feature working so it should be possible and as the whole IPSec stack
    has largely been rewritten in 2.1 I was hoping for some better support in this area.

    I am running fairly uptodate 2.1_RC0 on my end.

    Best regards
    Dan Lundqvist
    Stockholm, Sweden


Log in to reply