[Openswan Users] May I set up a tunnel to protect only some packet

Jacco de Leeuw jacco2 at dds.nl
Mon Feb 28 09:37:25 CET 2005


Xiuduan Fang wrote:

> I have set up a host-to-host tunnel using openswan. But this tunnel 
> protects all the packets between the two hosts. I am wondering if I can 
> configure ipsec.conf to protect only part of packets, for 
> example,  packtets generated by a specific application, eg. FTP.

You can use the left/rightprotoport parameters. See also:
http://www.strongsec.com/freeswan/install.htm#section_4.5

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list