[strongSwan] Nested IPsec Tunnels
Ryan Ruel
ryan at ryanruel.com
Tue Mar 3 01:48:44 CET 2015
I have an application scenario where I need to test Nested IPsec Tunnels.
In other words,
Linux Box <-----> IPsec GW 1 <------> IPsec GW 2

    Outer IPsec Tunnel
|<---------------->|

    Inner IPsec Tunnel
|<-------------------------------------->|
The Linux Box client cannot directly talk to IPsec GW 2. It's unusual, I
know.
I've set this up before with Linux Box being a Cisco router, and I've also
done this using setkey and manual keying on a Linux box (although in that
case, I had the traffic first running through a GRE tunnel interface, and
then applied the outer tunnel to that; I'm not sure if that makes a
difference).
I googled and came up with some old threads talking about how this isn't
supported with strongSwan unless I use two boxes, or a VM to route the
traffic through again. Is this still the case?
/Ryan