Issue #542
Nesting tunnels
Affected version:
5.1.2
Resolution:
Description
Hi,
My question is quite simple.
How would one go about nesting 2 (or more tunnels)? Thus adding additional encryption/ layers to the packets.
Tia,
Fermin DCG
Related issues
History
#1 Updated by Andreas Steffen over 11 years ago
- Status changed from New to Feedback
- Assignee set to Andreas Steffen
Hi,
the Linux kernel does not allow multiple ESP encryptions or decryptions. You can have multiple layers of IPsec encryption if you terminate the individual layers on different machines, e.g. one on the physical host and one on a VM running on the physical host.Each endpoint would also have to run an IKE daemon.
Regards
Andreas
#2 Updated by Tobias Brunner over 11 years ago
- Related to Issue #472: Responder stops responding after two successful connections added
#3 Updated by F DCG over 11 years ago
Tobias and Andreas, thank you both for your replies.
I'll look into the vm suggestion.
Reg.
Fermin
#4 Updated by Tobias Brunner almost 6 years ago
- Has duplicate Issue #3232: tunnel in tunnel added