[Openswan Users] IPsec over GRE
Michael Smith
msmith at cbnco.com
Fri Sep 7 08:31:54 EDT 2007
On Thu, 6 Sep 2007, Leonardo Rodrigues Magalhães wrote:
> I just cant understand why you're trying IPSec over GRE .... is this some
> real situation or just some proof-concept lab thing ???
You can set up a couple of GRE tunnels between endpoints that have
redundant WAN connections, then run OSPF over the GRE tunnels to advertise
a route to a (virtual) address on each side, and finally run IPsec using
those virtual addresses as left and right. That's one use for it, and the
only special thing you have to do is trick _updown into not adding or
deleting routes.
Mike
More information about the Users
mailing list