[strongSwan] Support for multiple interfaces(wired, wireless) in strongswan
Mahendra SP
mahendra.sp at gmail.com
Wed Jan 6 11:45:51 CET 2016
Hi all,
I found the below link:
https://wiki.strongswan.org/issues/185
which says "charon always listens on all interfaces". Does this mean we can
not enable/disable strongswan IPsec per interface ?
Thanks
Mahendra
On Tue, Jan 5, 2016 at 10:45 PM, Mahendra SP <mahendra.sp at gmail.com> wrote:
> Hi All,
>
> I am looking in to the information regarding support for multiple
> interfaces in strongswan.
>
> If we have a device with multiple interfaces active (wired and wireless)
> at the same tiem, can we have a configuration as below ?
>
> 1. Can IPsec policy be enabled for wired but not for the wireless ?
> 2. If policy is enabled only on wired, can we pass wireless packets
> without applying IPsec ?
> 3. Can the above be done for both initiator and responder cases?
> 4. Is it possible dynamically enable/disable IPsec for a particular
> interface ?
>
> Can we use options "charon.interfaces_ignore" and charon.interfaces_use"
> to achieve the above use cases ?
>
> Thanks
> Mahendra
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160106/2b416f69/attachment-0001.html>
More information about the Users
mailing list