On 2023-07-26, Lyndon Nerenberg (VE7TFX/VE6BBM) <lyn...@orthanc.ca> wrote: > I need to set up an ipsec tunnel between a couple of ip6 networks, > but I only have an ip4 path between the two gateways. I don't want > any ip4 traffic inside the ipsec tunnel, so I'm a bit puzzled about > how to set this up. Once I have the end-points up, can I just point > the ip6 traffic and routes at enc0? All the example I can find > assume you're tunneling ip4 traffic through an ip4 tunnel. (Sorry, > but after three decades of trying, I still can't make heads nor > tails of ipsec :-P)
IPsec normally uses flows rather than the route table. Just configure the tunnel between v6 addresses e.g. "from <v6_address/prefix> to <v6_address/prefix> peer <v4_address>".
