[Shorewall-users] Tips on configuring ipsec-tunnels on shorewall system

Steve Estes estess@comcast.net
Wed, 03 Apr 2002 20:49:12 -0500

There was a post in the freeswan user forums some time back about how to
(allegedly easily) use freeswan with dynamic ips. The guy's site was
www.leetnet.org but I don't know much about it or how well it would interact
with shorewall. Personally, I have two sites behind shorewall that I connect
via freeswan and both have dynamic ips. I've written a bunch of python
scripts that take care of pre-tunnel communication for configuration
(nexthops and such), changing config files and bringing things up and/or
restarting them  when things change. Definitely have a 2 site slant to them
though and are nowhere near ready for prime time. If there is any interest
out there I could work towards generalizing them a bit more and make them


----- Original Message -----
From: "Örjan Johansson" <orjan@whyevenbother.com>
To: <shorewall-users@shorewall.net>
Sent: Wednesday, April 03, 2002 2:46 PM
Subject: [Shorewall-users] Tips on configuring ipsec-tunnels on shorewall

Hi all!

I'm about to set up a couple of systems using FreeS/WAN. It will be one
central office, with tunnels going to three or four offices. I've read
Tom's old files where he has a tunnel, but I am curious as to how, for
example, the tunnels file would look with more than one tunnel, and
no-one with a fixed Ip address!

Any pointers, examples etc would be extremely appreciated!

Shorewall-users mailing list