[strongSwan] Reg : Protocal specific encryption in Strongswan 5.3

Sindhu S. (sins) sins at cisco.com
Wed Oct 7 12:11:17 CEST 2015


Hi all,

I'm using Link local GRE tunnel, With source interface as eth1.
I'm able to encrypt all the packets sent on eth1.

But I want only the packets , which are GRE and sent on Eth1 has to be encrypted.
I added leftprototype=gre , rightprototype=gre in ipsec.conf file.

But the packets are not getting encrypted and ping also not working after this change.
And also , I came to know that it got deprecated.

left|rightprotoport = <protocol>/<port>

restrict the traffic selector to a single protocol and/or port. Since 5.1.0<https://wiki.strongswan.org/projects/strongswan/wiki/510> this option is deprecated
as protocol/port information can be defined for each subnet directly in left|rightsubnet.

Can you please point me , how to use the same in strongswan 5.3

Thanks,

Sindhu


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151007/91d8ef57/attachment.html>


More information about the Users mailing list