Hi, I've met trouble when I attempt to create a VPN between my PC and my lan in my home. The structure of my network structure is illustrated in the attachment. First, I have no idea about how to configure the /etc/setkey.conf file. Because the two port on the Internet are both with dynamic IP. How do I specify the "add" statements for sad and "spd" statements? I've try to add sad entry like this: add 192.168.0.250 anonymous ah 0x200 -A hmac-sha2-256 0x7d5555f0355edabbb2e6e9a9c2d0ece421adbfaf94e953fe807e34ab22501d7c; But I got "Name or service not known at [ah]" error message after I run the command "/sbin/setkey -f /etc/setkey.conf". I doubt if it is possible to create a VPN with such network structure. I've read many articles about ipsec-tools over NAT-T, but all these articles assume that the ip address of the NAT gateway is static. Thanks, Enliang.
Attachment:
NetworkStructure.png
Description: PNG image
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
