[Swan] Interworking with Cisco VTI model (any-to-any tunnel, selected routing)

Sébastien Lefevre sebastien.lefevre at homesend.com
Thu Dec 3 18:20:10 UTC 2015

That's perfect.

Looking forward such a future release, in the meantime we still have options to support this Cisco VTI model.

Again, thank you very much for your prompt suggestions and advices.


On Thu, 3 Dec 2015, Paul Wouters wrote:

> >> So your use case would be fixed with leftpolicynets=a.b.c.d/32 and
> >> rightpolicynets=
> >
> > Just to make sure: are you talking of future options or are they already
> available? That sounds *exactly* like what I was looking for...
> > (I can't find them in the current codebase, so maybe I didn't waste
> > your time after all :)
> Future options, sorry. although it should not be too hard to implement.
> It just needs to take a string and pass that to the updown script, which can
> then run the iptables rules required. Possibly we need an option to generate
> a unique mark so people don't have to specify the mark manually.
> Paul

More information about the Swan mailing list