[Battlemesh] new tunneling vpn: wireguard
Henning Rogge
hrogge at gmail.com
Thu Jun 30 08:30:16 CEST 2016
On Thu, Jun 30, 2016 at 8:24 AM, Mitar <mitar at tnode.com> wrote:
> Hi!
>
> Oh, you are right. I always assumed that you can use UDP as transport,
> add IPSec and then have tunnel. Hmm. It seems not so.
You can... but that is a very new extension.
But even then, your mess just started...
first make sure both sides support the same crypto/signature/hash
combination... because there is no mandatory one for IPsec.
Oh, and make sure they support the same IKE(v2) variant... because
this protocol has a lot degrees of freedom, again without a mandatory
base setting.
And lets not start about the insanity that "IPsec transport mode +
IPIP tunnel = IPsec tunnel mode".
We could throw out at least half of the options of IPsec without
loosing any feature.
Henning Rogge
More information about the Battlemesh
mailing list