[Battlemesh] new tunneling vpn: wireguard
mitar at tnode.com
Thu Jun 30 08:24:09 CEST 2016
Oh, you are right. I always assumed that you can use UDP as transport,
add IPSec and then have tunnel. Hmm. It seems not so.
> On Wed, Jun 29, 2016 at 4:40 PM, Henning Rogge <hrogge at gmail.com> wrote:
>> On Wed, Jun 29, 2016 at 3:58 PM, Mitar <mitar at tnode.com> wrote:
>>> People who need encryption, why not use in-kernel l2tp tunnels + IPSec?
>>> Why custom crypto implementation would be better?
>>> From our testing, for any reasonable crypto you need hardware support.
>>> Do people know if any hardware chip is supported on any of those WiFi
>>> routers by OpenWrt?
>> IPsec is a mess to get right... if you get it right at all.
> On some IPsec howto by some manufacturer, it was mentioned that you
> might need to contact your network administrators to allow IPSec
> packets (they are not UDP nor TCP). Nice for the industry "standard"
> for VPNs.
More information about the Battlemesh