My question is quite simple.
How would one go about nesting 2 (or more tunnels)? Thus adding additional encryption/ layers to the packets.
#1 Updated by Andreas Steffen over 7 years ago
- Status changed from New to Feedback
- Assignee set to Andreas Steffen
the Linux kernel does not allow multiple ESP encryptions or decryptions. You can have multiple layers of IPsec encryption if you terminate the individual layers on different machines, e.g. one on the physical host and one on a VM running on the physical host.Each endpoint would also have to run an IKE daemon.