And again we arrive at the lacking docu...|
- Why is it more flexible ?
- How is it different ?
- How would I do this "dummy interface" with 26 IPSEC and OpenSwan ?
- Why doesn't OpenSwan do this by default when using 26 ?
- How would I / Can I use tcpdump with this setup ?
- Is this possible with a stock 2.6 kernel ?
- and so on...
( I don't expect an answer here - I know some of the answers but not all..
this is more to demonstrate what's missing in my opinion)
- keep in mind that most people are NOT interested at all if some of
the above is in the sole "problem domain" of OpenSwan, of 2.6 kernel
or if it is a mixture of both - they want it to work smoothly and in an
Just my two cents,
Wichert Akkerman wrote:
Previously Lupe Christoph wrote:Such as having virtual interfaces to hang firewall rules from, preferably one per tunnel?You should be able to do that using dummy interfaces. Just keep in mind that ipsec is no longer done through an interface but via a route transform, which is a very different and more flexible approach. Wichert.