[strongSwan] SS5.1.0 and libipsec, configuration and usage questions

Kimmo K koippa at gmail.com
Wed Sep 25 19:20:28 CEST 2013


Hello

I'm interested at the new libipsec plugin and tried to find
information from SS wiki, I'm not sure if I understood the usage:

Can I use libipsec based configuration and netkey based configuration
at the same time?

Example:
- I have one site-to-site IKEv2 tunnel with spesific subnets that I
would like to handle with netkey.
- I would like to have one site-to-site IKEv2 tunnel that would use
ipsec0 interface with 0.0.0.0/0 traffic selectors but only the traffic
that I wan't would be routed to ipsec0.

What I'm planning here might be unusable and maybe I don't have such
scenario, but would that be possible?

I looked the example configurations from "Test libipsec/net2net-cert",
how one should define that libipsec is used in conn X instead of
netkey? I did not see anything related to libipsec in the ipsec.conf
files from moon or sun.

Regards,
Kimmo




More information about the Users mailing list