I did the following:
[root@sme-server root]# ipsec verify
Checking your system to see if IPsec got installed and started correctly
Version check and ipsec on-path [OK]
Checking for KLIPS support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
DNS checks.
Looking for forward key for sme-server [FAILED]
Looking for KEY in reverse map: 55.42.84.200.in-addr.arpa [OK]
Does the machine have at least one non-private address [OK]
and wonder if the failed [Looking for forward key] might be the cause of the problem we are experiencing.
In my case it's important to find a solution for servers using dynamic DNS as this is the only economically posible solution for the personal or family VPN in Venezuela.
Charlie, a came across this
http://www.freeswan.org/freeswan_trees/freeswan-1.99/doc/quickstart.htmland think it might help solve the problem. If you get the chance to read through, would you comment on your interpretation of its contents as I am having problems understanding the procedure of including the KEY and TXT in the DNS.
Hope this gets us going.
Regards,
Ernesto