Check for the host to host examples. If there is no NAT, you can use type=transport so the VPN is limited to the IP addresses of the endpoints without the packet-in-packet tunneling of tunnel mode
Sent from mobile device > On Apr 3, 2019, at 12:09, John Crisp <[email protected]> wrote: > >> On 03/04/19 06:50, jchludzinski wrote: >> I have a Raspberry Pi 3 board and a CentOS 7.4 box both running >> libreswan-3.25. I want to connect the 2 using ipsec BUT I don't want to >> build a VPN (no L2TP/IPsec). >> >> I just want peer-to-peer communication minus tunneling. >> >> Are there instructions for this? Every web search I've done results in >> discussions of L2TP/IPsec (i.e., tunneling). >> > > You might want to improve your web searching before worrying too much > about building a VPN... > > You can build pure ipsec <-> ipsec but it is still a VPN *and* a tunnel.... > > http://www.firewall.cx/networking-topics/protocols/870-ipsec-modes.html > > https://superuser.com/questions/378252/ipsec-versus-l2tp-ipsec > > > _______________________________________________ > Swan mailing list > [email protected] > https://lists.libreswan.org/mailman/listinfo/swan _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
