Issue #3629
IPSec enc only on specific dport/proto
Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
configuration
Affected version:
5.9.0
Resolution:
Description
How can we narrow the strongswan IPSec encryption to a specific port or proto?
Similar to the ip XFRM option:
UPSPEC := proto
Would like to encrypt only UDP specific dport like it done using ip XFRM e.g:
sel src 192.168.7.7 dst 192.168.7.8 proto udp dport 4789
History
#1 Updated by Tobias Brunner over 1 year ago
- Category set to configuration
- Status changed from New to Feedback
Just configure appropriate traffic selectors.