21.07.2017 23:05, Kajetan Staszkiewicz wrote:
> Unfortunately I don't see much information how to make it work with
> Strongswan. Any hints?
If you run Strongswan/FreeBSD instead of plain FreeBSD,
you should ask Strongswan maintainers for that :-)
__
Dnia piątek, 21 lipca 2017 17:09:35 CEST Eugene Grosbein pisze:
> 20.07.2017 23:17, Kajetan Staszkiewicz пишет:
> > Hey group,
> >
> > Can I somehow make IPsec encryption to happen AFTER routing decision and
> > ensure that it happens only when traffic leaves via specified interface?
>
> You may
20.07.2017 23:17, Kajetan Staszkiewicz пишет:
> Hey group,
> Can I somehow make IPsec encryption to happen AFTER routing decision and
> ensure that it happens only when traffic leaves via specified interface?
You may want to upgrade to 11.1-RELEASE and utilize its new if_ipsec(4) feature
targete
Hey group,
Across a few data centers I have a some routers running IPsec+BGP tunnels to
Azure.
Microsoft side is nicely following BGP sessions.
My routers are unfortunately not. Routes in route table are updated just fine
from BIRD but unfortunately they are overridden by IPSec policy which is
