[ovs-dev] GRE over IPsec on CentOS

mrityunjay.kumar2 at wipro.com mrityunjay.kumar2 at wipro.com
Mon Sep 26 16:01:51 UTC 2016


Hi all ,

I have been trying to test IPSEC over GRE on Centos7.3 . I am able to test on ubuntu14.04 .

I wanted to know whether this feature is supported on Centos .


If not supported, please let me know how to achieve IPSEC over GRE on Centos .


thanks
MJ
-------------

We did integration on Debian, but it shouldn't be hard to port to CentOS.  It uses racoon and ipsec-tools, and is managed by the "debian/ovs-monitor-ipsec".  I'm not 100% happy with our solution, but it works.  I'd start by looking there.

--Justin


On Dec 14, 2012, at 1:49 AM, Diego Rivero <riverod9 at gmail.com<http://openvswitch.org/mailman/listinfo/dev>> wrote:

> How can I achieve GRE over IPsec on CentOS 6.3 instead of debian?
>
> So far what I've understood is the following..
>
> # ovs-vsctl add-port br0 gre0
> # ovs-vsctl set interface gre0 type=ipsec_gre \
> options:remote_ip=192.168.2.xxx \
> options:psk=testtest \
> options:certificate=cert.pem \
> options:peer_cert='"-----BEGIN CERTIFICATE-----(not a real peer certificate)-----END CERTIFICATE----- \
>
>
> But I don't know how to move it forward. Do I need to install openswan for encryption? How can I configure to tell open vswitch the existance of openswan? Does open vswitch have an encription module on its own?
>
> Thanks in advance.
>
> Diego
> _______________________________________________
> dev mailing list
> dev at openvswitch.org<http://openvswitch.org/mailman/listinfo/dev>
> http://openvswitch.org/mailman/listinfo/dev



The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com



More information about the dev mailing list