Hello all, My problem follows: There should be an IPSec Tunnel between the Net1 StaticIP1 [Suse Linux Firewall on CD2] and Net DynamicIP2 [Suse Linux 7.2]. The following reprsents the ipsec.conf connection - For each side reversed left/right. conn net-to-net left=212.202.x.x leftsubnet=192.168.1.0/24 leftrsasigkey=0s1LgR7/oUM... right=%any rightsubnet=192.168.2.0/24 rightrsasigkey=0sAQOqH55O... auto=add The Problem is now, when i create a new hostkey by 'ipsec newhostkey --output /etc/ipsec.de/host.key' on the Suse Linux Firewall on CD, the key is lost when we reboot the firewall. Is there any way for this product to build up a net-to-net Connection with rsa-key authentification then? Maybe we should better use cipe... Thank you so much for any help. Regards, Jan Pielhau