[Swan] GW To GW IPSec connection between CheckPoint and Libreswan

Paul Wouters paul at nohats.ca
Fri Oct 30 13:34:08 UTC 2015


On Fri, 30 Oct 2015, Amir Naftali wrote:

> Subject: Re: [Swan] GW To GW IPSec connection between CheckPoint and Libreswan
> 
> This sounds great, having such a capability will provide a powerful tool supporting an advance set of
> use cases
> Is there a way to get an early peek at the patch so I can test it against some use cases that we have

This was pushed:

https://github.com/libreswan/libreswan/commit/f0328a91565c7a9951c9bc6b330ab15667e58fcd

Note that the _updown script does not yet actually do any marking.

I need to understand better how that would need to be done and what
parameters are needed and how this would work well with vti. If anyone
has suggestions or patches for _updown.netkey, please let me know.

Paul


More information about the Swan mailing list