[strongSwan] Exclude protocol from IPsec
Piyush Agarwal
agarwalpiyush at gmail.com
Mon May 22 19:09:03 CEST 2017
Hi,
Reading through the left|rightsubnet, it seems like there is no way to
*exclude* a protocol from getting encrypted?
I have a host to host tunnel and I want to encrypt everything between these
except ICMP since I'd like to do out-of-tunnel ping/traceroute.
Prior to using strongswan, I was using racoon where I could use setkey to
manually update the SPD to exclude icmp alone.
Please advise if there is any way to achieve this with strongswan.
Thanks.
--
Piyush Agarwal
Life can only be understood backwards; but it must be lived forwards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170522/71c04a34/attachment.html>
More information about the Users
mailing list