Hello everyone,

I need to set up a 0.0.0.0/0 to 0.0.0.0/0 IPsec tunnel. I was thinking of setting it up with the new xfrm interfaces: I don't need to route all of 0.0.0.0/0 through this VPN.

My question is how 'route based' and 'policy based' VPNs will coexist on the same Linux box. For example, if I implement a 0.0.0.0/0 to 0.0.0.0/0 VPN with the xfrm interfaces and route only the traffic for the 155.192.168.0/24 network through the ipsec0 device (for example), and then I implement a classic policy based VPN (without the xfrm interface) with the traffic selectors 166.172.16.0/24 and 177.16.172.0/24, what will happen? Will the Linux kernel process the packets for 166.172.16.0/24 and 177.16.172.0/24 into the right IPsec policy?

Thanks
Marco
