Hi All,

Can you please provide inputs on this?

Regards,
Sarat

On Tue, Jul 5, 2016 at 5:40 PM, Sarat Vajrapu <[email protected]> wrote:
> Hi All,
>
> I am new to strongswan and trying to protect host-host traffic using ipsec
> tunnel mode. However I observe that only the traffic between endpoints is
> protected and not complete traffic.
>
> *Strongswan Version*: Linux strongSwan U5.3.2/K3.12.19-rt30
>
> *Topology*:
>
> <<<<<LAN1>>>> ------- GW_A <---------- internet---------------> GW_B -------------------- <<<<<LAN2>>>>>>
>
> *Requirement:*
> To protect all traffic from LAN1 to LAN2 and vice versa. LAN<> can have
> many subnets.
>
> *Current setup:*
> I brought an IPsec with tunnel mode between GW_A and GW_B.
> My understanding is that when tunnel mode is enabled, the LAN traffic will
> be protected by adding outer headers (GW_A, GW_B) but I see that the LAN
> traffic is going in cleartext. The traffic with only <src:GW_A,dst:GW_B>
> and vice versa is protected.
> As there are many subnets and they are dynamic, it's not feasible to
> configure many left/right subnets.
>
> Can you please help me with this - any config addition/any change in
> routing table?
>
> Regards,
> Sarat
