Hi,
We would like to configure a single IPSec connection that would handle both
IPv4 and IPv6 traffic.
We considered multiple child SA sharing a single IKE SA:
conn tunnel46
auto=start
leftid=@left
left=%eth0
rightid=@right
right=172.31.0.1
authby=secret
ipsec-interface=yes
leftsourceip=192.168.61.1
rightsourceip=192.168.60.1
leftsubnets={192.168.61.0/24,fc02::/64}
rightsubnets={192.168.60.0/24,fc01::/64}
However, when we tried that, only the IPv4 traffic came through.
Paul mentioned in issue #375
(https://github.com/libreswan/libreswan/issues/375) that:
"For libreswan 4.2, we are working on allowing to combine these into one
conn, and also to combine them as traffic selectors on a single IPsec SA."
Are mixed address families in {left|right}subnets something that is supported
in libreswan 4.9? If not, is there any alternative to achieve IPv4 and IPv6
traffic through a single tunnel?
Thank you,
Nestor Melo
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
