[Swan] Can't get failureshunt & negotiationshunt to work in passthrough mode
Paul Wouters
paul at nohats.ca
Thu Jun 15 14:29:06 UTC 2017
On Wed, 14 Jun 2017, Evan Wheeler wrote:
> I tried using right=%opportunisticgroup per your suggestion and indeed negotiationshunt=passthrough and failureshunt=passthrough seem to work as expected. Would you like me to create a
> new bugzilla entry? I am not sure which sub-component is affected.
Yes please file a bugzilla item for this under "pluto-generic".
> Actually I have a situation where I need multiple static VPN tunnels to "fail open". The failureshunt and negotiationshunt features would be very useful in certain mission-critical or
> safety-critical situations where having the data link go down has far greater consequences than losing confidentiality or authentication. For example, medical patient monitoring
> applications or avionics applications, etc. For that reason I would really like to be able to use these two options in non-OE configurations.
I understand case :)
Paul
More information about the Swan
mailing list