I have an application scenario where I need to test Nested IPsec Tunnels. In other words,

Linux Box <-----> IPsec GW 1 <------> IPsec GW 2
  Outer IPsec Tunnel
|<---------------->|
            Inner IPsec Tunnel
|<-------------------------------------->|

The Linux Box client cannot directly talk to IPsec GW 2.

It's unusual, I know. I've set this up before with Linux Box being a Cisco router, and I've also done this using setkey and manual keying on a Linux box (although in that case, I had the traffic first running through a GRE tunnel interface, and then applied the outer tunnel to that, I'm not sure if that makes a difference).

I googled and came up with some old threads talking about how this isn't supported with strongSwan unless I use two boxes, or a VM to route the traffic through again. Is this still the case?

/Ryan
