Again, solved in 1995 with ESP (IPsec) packets....https://twitter.com/RichFelker/status/826993525355065344 …
Care to explain how to setup a tunnel with ipsec? I want something with a tun/tap device inside, encrypted datagrams outside.
-
-
regular vpn can be site-to-site or remote access VPN, see https://libreswan.org/wiki/Configuration_examples …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
pre-encrypt / post-decrypt traffic will appear on the VTI device. The physical interface will show pre-decrypt / post-encrypt
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
devices are automatically created by calling the marking and ip tunnel add mode vti
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
maybe use PSK when testing to avoid needing to generate RSA keys or certs: https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK …
-
Indeed I prefer PSK; it's only 2 pure-gateway peers, no separate users.
-
the simplest case is the host-to-host PSK vpn: https://libreswan.org/wiki/Host_to_host_VPN_with_PSK …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.