[Openswan Users] ipv6 question
James Harper
james.harper at bendigoit.com.au
Wed Oct 11 23:47:48 EDT 2006
I have successfully set up a transport link between two linux (Debian
Etch) servers using ipv6, and it seems to work okay.
What I'd like to do now is to block all non ipsec ipv6 traffic from my
internal network, anyone who wants to send packets there has to use
ipsec. Also I would only allow certain certificates in. I'm not that
fussed about encryption either, only the authentication side of things.
The idea is that my laptop could be on any external ipv6 network and can
still get to the internal network by (transparently) using ipsec,
because I would have an allowed cert on it.
I thought I could use the policy files to do it but they seem not to
allow ipv6 addresses, I just get an error about an unsupported address
family (not sure if that's the exact error).
Is this something that openswan supports now or is ipv6 support not
quite there yet?
Thanks
James
More information about the Users
mailing list