On Mon, 30 May 2016, Charles Wyble wrote:
I’m now attempting to have VTi work.
Per https://libreswan.org/wiki/Route-based_VPN_using_VTI it requires libreswan
3.18, however only 3.17 is released. I downloaded
the source from github and compiled, that gives me
You can also grab
https://download.libreswan.org/development/libreswan-3.18dr2.tar.gz
Is VTI working? Is there anything else I need to do to enable it?
Yes, see man ipsec.conf for the options mark= vti-interface= and
vti-routing=
That is explained in the VTI wiki page you linked above.
No vti interface exists (except perhaps one instantiated by the kernel?)
You need to establish the tunnel for the device to be created.
root@tsys-shared-router:~# ip a |grep vti
15: ip_vti0@NONE: <NOARP> mtu 1332 qdisc noop state DOWN group default
To see the tunnel device, use: ip tun
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
