Hi everyone,
I tried to use LibreSwan to encrypt traffic for geneve protocol but failed.
Below is my configuration:
In host 1 /etc/ipsec.conf:
config setup
uniqueids=yes
conn %default
keyingtries=%forever
type=transport
auto=route
ike=aes_gcm256-sha2_256
esp=aes_gcm256
Thanks!
-Qiuyu
> On Aug 2, 2018, at 8:19 PM, Paul Wouters wrote:
>
> On Thu, 2 Aug 2018, Qiuyu Xiao wrote:
>
>>>> I tried to use LibreSwan to encrypt traffic for geneve protocol but failed.
>
> I reproduced the bug and added a (failing) test case for this:
>
Hi everyone,
I am trying to configure a host-to-host transport IPsec tunnel. Each
host uses the other host's self-signed certificate to do
authentication. But I encountered some "X509: temporary cert import
operation failed" error.
Here is my configuration file:
Hi Paul,
I tested this patch with geneve and vxlan IPsec tunnels. They both
work! Thanks you so much for fixing this bug!
Thanks,
Qiuyu
On Tue, Sep 4, 2018 at 6:23 PM Paul Wouters wrote:
>
> On Thu, 2 Aug 2018, Qiuyu Xiao wrote:
>
> > I tried to use LibreSwan to encrypt tra
Hi everyone,
I recently encountered a problem when running Libreswan in Fedora 28.
I though it might be a bug so I just post it here.
Basically, I was deploying transport mode IPsec between two hosts.
After I set up Libreswan in Fedora 28 with 4.14.0 kernel, I found that
the packet cannot be