I can't figure out how to make this work.
I have two Fedora boxes, both configured to operate as router/NAT/firewall boxes.
One router has several interfaces. Some are public IPs, and connecting to them from the outside is not a problem. (That is the purpose of public IPs, right ;-) ) Two are private IP blocks that connect to the internet via NAT. The box itself has a public static IP.
The other router is at a different location. It has a public DYNAMIC (DHCP) IP on one interface, and an internal private IP block on the other interface, with this block NATed out on the public IP.
I would like an IPsec tunnel between these two machines, and I can't seem to make it work. It works pretty well if I have statics on both routers. I am doing this in several places. But I can't seem to find a way to make this work if the address on one end is dynamic.