[strongSwan-dev] VXLan over IPSec

Leo leodotcloud at gmail.com
Wed Nov 8 23:54:21 CET 2017


Hi Sankar,

VXLAN over IPSec works.
If you look at “docker network create” with encrypted option you can see this in action. Even though strongswan is not in the picture there, you can see the IPSec tunnels in kernel (ip xfrm state).

Regards,
Murali Paluru.

On 11/8/17, 12:32 PM, "Dev on behalf of Noel Kuntze" <dev-bounces at lists.strongswan.org on behalf of noel.kuntze+strongswan-dev-ml at thermi.consulting> wrote:

    Hello Sankar,
    
    It is irrelevant, because strongSwan does not process any traffic. It is supposed to work OOTB with any OS and with any IP protocol, except multicast.
    
    Kind regards
    
    Noel
    
    On 07.11.2017 12:18, Sankar Penniboyina wrote:
    > Hi all,
    >
    > Does anybody know if VXLAN over IPSec is supported by Strongswan?
    >
    > Thanks,
    > Sankar
    >
    
    -- 
    Noel Kuntze
    IT security consultant
    
    GPG Key ID: 0x0739AD6C
    Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C
    
    
    




More information about the Dev mailing list