[strongSwan] strongswan multiple iterations?

Martin Willi martin at strongswan.org
Tue Jul 12 09:16:14 CEST 2011


> a) can two iterations of strongswan be run on the same network  -one on the 
> main router and the other on the ssh server?

Does the SSH server run on a dedicated box with a public IP? Then there
is no reason why you couldn't run strongSwan on it.

> b) if a) is true, can ipsec traffic be routed directly to the ssh server  
> though the main router has the ipsec daemon running ?

If ESP and IKE traffic will be addressed to the SSH server, why not.

But it is not clear to me why you'll need two IPsec gateways on your
network and what you'd like to do with them...


