[strongSwan] routed based vpn or CISCO VTI (Virtual Tunnel Interface)
Andreas Steffen
andreas.steffen at strongswan.org
Mon Apr 2 12:37:19 CEST 2012
Hello Fabrice,
On 02.04.2012 10:54, Fabrice Barconnière wrote:
> Hello,
>
> Is there a way to do as CISCO VTI (Virtual Tunnel Interface) with
> Strongswan ?
> All network traffic is routed in "tunnel" interface.
>
We are working on a userland IPsec encryption plugin using a a virtual
tunnel interface. It will be available somewhere in June 2012.
> Does traffic selector should be define as %any or 0.0.0.0/0.0.0.0 ?
> In database mode, %any value can be set to traffic selector ?
>
In ipsec.conf the whole Internet is designated as 0.0.0.0/0 or %default.
In the database you define an IP range, i.e.
INSERT INTO traffic_selectors (
type, start_addr, end_addr
) VALUES (
7, X'00000000', X'ffffffff'
);
Regards
Andreas
> Regards,
> Fabrice Barconnière
> Rectorat de Dijon
> Equipe EOLE
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4489 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120402/ff6aeefb/attachment.bin>
More information about the Users
mailing list