VPN

I have a nice IPSec tunnel configured to connect my office network to my datacentre network with two m0n0walls. Unfortunately the office is currently connected through ADSL without a static IP address, so it occasionally changes. When that happens, the tunnel collapses.

I have a script running on another server in the office which checks every so often to spot the IP address change and updates a dynamic DNS record with the new IP address, which is then used by the datacentre end of the tunnel. That script could, in theory, trigger some operation to rebuild the tunnel but it seems the only way to rebuild the tunnel is to save the IPSec tunnel configuration (without changing it) from the web GUI.

Can anyone give me some pointers as to how I might get the m0n0wall to rebuild it's tunnel with a script-type operation, rather than through the GUI? Perhaps something I can do with wget and exec.php?

I'm pretty experienced with linux scripting and PHP, so I don't necessarily need a detailed recipe - just a clue as to how to tell monowall that it needs to do something.

1) Use a dynamic DNS provider.  I use no-ip.org with the custom setup.  It will update the record as soon as the IP address changes.

2) Under System -> Advanced -> Miscellaneous You may wish to set " IPsec DNS check interval" to a lower number.

3) Set the "DPD interval" in your tunnel config.

You should be all set now with no custom scripting.