[Swan] IPsec tunnel with Openvswitch
Paul Wouters
paul at nohats.ca
Wed Jul 4 20:26:00 UTC 2018
On Wed, 4 Jul 2018, Alvaro Jimenez wrote:
> I'm not able to create a IPsec tunnel between two openvswitches. I have two hosts connected physically, each with an ovs bridge and a machine. I
> want to establish a tunnel between both openvswitches that encrypts traffic from the virtual machine. I tried to add just the subnets i want to
> encrypt but an host IP adress is required. The fact is that there's no host IP as im using the physical ethernet interface (eth0) as an ovs
> port. Any help would be appreciated.
The IP needed on left= and right= is the IP of the host talking with the
IKE protocol to setup IPsec tunnels. since IKE only runs over IP, you
must have IP addresses to set there.
You cannot IPsec "an interface".
Paul
More information about the Swan
mailing list