[Battlemesh] new tunneling vpn: wireguard

Henning Rogge hrogge at gmail.com
Thu Jun 30 08:30:16 CEST 2016

On Thu, Jun 30, 2016 at 8:24 AM, Mitar <mitar at tnode.com> wrote:
> Hi!
> Oh, you are right. I always assumed that you can use UDP as transport,
> add IPSec and then have tunnel. Hmm. It seems not so.

You can... but that is a very new extension.

But even then, your mess just started...

first make sure both sides support the same crypto/signature/hash
combination... because there is no mandatory one for IPsec.

Oh, and make sure they support the same IKE(v2) variant... because
this protocol has a lot degrees of freedom, again without a mandatory
base setting.

And lets not start about the insanity that "IPsec transport mode +
IPIP tunnel = IPsec tunnel mode".

We could throw out at least half of the options of IPsec without
loosing any feature.

Henning Rogge

More information about the Battlemesh mailing list