I'm attempting to create a VPN between two RFC 1918 private address
networks. One has a fixed IP address, the other is connected via a dialup
ISDN link and its IP address is dynamically assigned. I've looked at the
mini-faq, the man pages etc., but it is not apparent how to create the
SAs and the flows for this to occur.
I have a reasonable way of sharing secrets between the two networks, but
are there any references on how to create the SAs and flows? I see from
the ipsecadm man page that wildcard source or destination addresses are
allowed (0.0.0.0) -- is that what I should be doing? Also, when the link
goes down, what do I do to delete/re-initiate the SAs and flows upon startup?
I can initiate things with the ipup script in the ppp utility (also the ipdown),
so I can create/delete things from a script. I can securely tell the fixed
address what my dynamic IP address is, and also what the encryption keys are
(a C program), and can programmatically create/destroy the SAs and routes, but
I need specific assistance, as I've never done this aspect before -- HELP!
Any assistance is deeply appreciated:
192.168.1.0 --- <dyn IP> --- ( internet ) --- <fixed IP> --- 192.168.2.0