We did integration on Debian, but it shouldn't be hard to port to CentOS. It uses racoon and ipsec-tools, and is managed by the "debian/ovs-monitor-ipsec". I'm not 100% happy with our solution, but it works. I'd start by looking there.
--Justin On Dec 14, 2012, at 1:49 AM, Diego Rivero <[email protected]> wrote: > How can I achieve GRE over IPsec on CentOS 6.3 instead of debian? > > So far what I've understood is the following.. > > # ovs-vsctl add-port br0 gre0 > # ovs-vsctl set interface gre0 type=ipsec_gre \ > options:remote_ip=192.168.2.xxx \ > options:psk=testtest \ > options:certificate=cert.pem \ > options:peer_cert='"-----BEGIN CERTIFICATE-----(not a real peer > certificate)-----END CERTIFICATE----- \ > > > But I don't know how to move it forward. Do I need to install openswan for > encryption? How can I configure to tell open vswitch the existance of > openswan? Does open vswitch have an encription module on its own? > > Thanks in advance. > > Diego > _______________________________________________ > dev mailing list > [email protected] > http://openvswitch.org/mailman/listinfo/dev _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
