[Openswan Users] Packets show up twice in tcpdump
Michael Smith
msmith at cbnco.com
Wed Aug 23 14:20:03 EDT 2006
On Wed, 23 Aug 2006, John Serink wrote:
> IPsec doesn't support OSPF routing updates, never has, KLIPS or not. If you
> want to do OSFP and have the routing updates flowing over the IPsec tunnel, you
> need to place GRE tunnel inside the IPSec tunnel, then the routing updates
> will go. I have done that with openswan to Cisco using the Netkey stack but
> never using the KLIPS....but the procedure should eb similar.
I'm just using OSPF to select a route for the ESP packets. (one of two
redundant wireless links.) The OSPF itself doesn't go over IPsec.
Mike
More information about the Users
mailing list