> When connecting via dialup/dhcp, I seem to have to edit my SPD entries to
>accomodate the changes in the outer IP address:
>
>spdadd A.B.C.D/32 A.B.C.0/24 any -P out ipsec esp/tunnel/E.F.G.H-Q.R.S.T/require;
>
> I would like to leave E.F.G.H unspecified. Can I put 0.0.0.0 in there and
>let the routing system pick the appropriate outgoing IP? The man page says
>nothing about doing that.
> {Later tonight, I'll use the source}

        i don't think it is supported. how can you inform of your change to
        the other end's policy table?
        (NOTE: racoon does not negotiate policy)

itojun

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]