On Thu, May 5, 2011 at 7:39 AM, Rajesh Kumar G <[email protected]> wrote: > Hi, > > Greetings, > > I would like to know if it is possible to protect an OVS CAPWAP tunnel using > IPSec? If Yes, what should be the SA, SP created to make the traffic hit > that?
When Open vSwitch sets up IPsec tunnels itself it changes the behavior of the tunneling code to make it compatible with IPsec. However, this does not happen if you configure IPsec manually yourself. Is there a reason that you are using CAPWAP instead of GRE? We have not found any uses yet for CAPWAP over IPsec, which is why it is not implemented. GRE is more standard and should work fine with the OVS IPsec support. _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
