[Swan] vti support
paul at nohats.ca
Mon May 30 17:08:55 UTC 2016
On Mon, 30 May 2016, Charles Wyble wrote:
> I’m now attempting to have VTi work.
> Per https://libreswan.org/wiki/Route-based_VPN_using_VTI it requires libreswan 3.18, however only 3.17 is released. I downloaded
> the source from github and compiled, that gives me
You can also grab
> Is VTI working? Is there anything else I need to do to enable it?
Yes, see man ipsec.conf for the options mark= vti-interface= and
That is explained in the VTI wiki page you linked above.
> No vti interface exists (except perhaps one instantiated by the kernel?)
You need to establish the tunnel for the device to be created.
> root at tsys-shared-router:~# ip a |grep vti
> 15: ip_vti0 at NONE: <NOARP> mtu 1332 qdisc noop state DOWN group default
To see the tunnel device, use: ip tun
More information about the Swan