On Thu, 29 Oct 2015, Tom Harbert wrote:
I am looking at migrating from Strongswan to libreswan on an Ubuntu 14.04
system.
# dpkg -l | grep libreswan
ii libreswan 1:3.14-1 amd64
Internet Key
Exchange daemon
Is it possible to implement IPSec over a virtual tunnel interfaces (VTI) ? In
strongswan, to do this a
mark is set under the connection profile (mark=x) and this corresponds to the
tunnel interface key:
$ ip link add $INTERFACE type vti local $LOCAL_IP remote $REMOTE_IP key $KEY
What is $INTERFACE filled in with? vtixx where xx is the mark?
What is $KEY?
AWS require VTI as opposed to GRE tunnels.
I'm happy to write a patch to support this, but I'm not sure yet I fully
understand the setup.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
