Harald Dunkel
2018-07-12 05:58:29 UTC
Hi folks,
https://wiki.strongswan.org/projects/strongswan/wiki/PskSecret shows several
examples for entries in ipsec.secrets with '@' at the begin of a FQDN. There
is no example for a PSK using FQDNs without '@'.
https://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets does not
mention the '@' at the beginning of a FQDN at all. There is just a tiny hint
in the config manual (ipsec.conf) about using '@' to avoid a DNS lookup of
the leftid or rightid for strongswan < 5.0.
Which one is right? Is the '@' obsolete today? Apparently the PskSecret page
is pretty old.
Every helpful comment is highly appreciated
Harri
https://wiki.strongswan.org/projects/strongswan/wiki/PskSecret shows several
examples for entries in ipsec.secrets with '@' at the begin of a FQDN. There
is no example for a PSK using FQDNs without '@'.
https://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets does not
mention the '@' at the beginning of a FQDN at all. There is just a tiny hint
in the config manual (ipsec.conf) about using '@' to avoid a DNS lookup of
the leftid or rightid for strongswan < 5.0.
Which one is right? Is the '@' obsolete today? Apparently the PskSecret page
is pretty old.
Every helpful comment is highly appreciated
Harri