On 2020-02-20, Peter Müller <peter.muel...@link38.eu> wrote: > Hello openbsd-misc, > > is anybody out there running strongSwan as an IPsec client for a net-to-net > connection > on an OpenBSD machine? > > If so, I would be very grateful to know which steps are necessary in order to > successfully > route traffic through this n2n connection and what your ipsec.conf file (and > other ones, > if necessary) looks like. > > Sorry for bringing this up again, but I am out of ideas now and packaging > strongSwan > for OpenBSD would not make sense if it could not be used properly. :-) > > Thanks again for any advice on this. > > Best regards, > Peter Müller > >
strongSwan is packaged because it covers for some deficiencies in the tools in base and works in some use cases (say, single machine connecting to a VPN which needs EAP for authentication), that is a good enough use case that it makes sense to package it. I don't know how I could make it clearer than I already did in the package description and pkg-readme file about the state of support - you really want something else for lan-to-lan on OpenBSD.