You need:
dyndns or no-ip account for both ends
dynip-updateclient configured and working on both ends
(we use no-ip-client compiled with pluspack on a 3.2 ASL)
nslookup from tools.tgz
faith
configure your VPN on both ASL with actual IPs
as 'standard'. Use PSK for testing.
create a script in /usr/local/sbin
#!/bin/bash
# yes, it is really ugly :-)
cp /etc/wfe/conf/netdata /tmp/
nslookup | grep Address | cut -d : -f 2 | cut -d \ -f 3 > /tmp/your-VPN-partner.txt
sed /127.0.0.1/d /tmp/your-VPN-partner.txt > /tmp/your-VPN-partner1.txt
newip=`cat your-VPN-partner1.txt`
#echo $newip
cat /etc/wfe/conf/netdata | grep your-VPN-partner_red | cut -d \# -f 3 > /tmp/compare.txt
sed /your-VPN-partner_red/d /tmp/netdata > /tmp/netdata1 && \
line1='X#your-VPN-partner_red#' && \
line2='#255.255.255.255#V' && \
line3=$line1$newip$line2 && \
echo $line3 >> /tmp/netdata1 && \
diff your-VPN-partner1.txt compare.txt || \
cp /tmp/netdata1 /etc/wfe/conf/netdata && \
chmod 644 /etc/wfe/conf/netdata && \
chown wwwrun.nogroup /etc/wfe/conf/netdata
don't forget to chmod it executable and call this script by cron every 5 minutes
when you touch netdata, mdw reconfigures your connections.
have fun,
Erik
