+1 likeI would really like to see ipsec tunnels as interfaces instead of ipsec policies. With the current policy system, It is quite difficult to handle site to site ipsec VPNs. I basically have to do a tunnel and policy for a single address on both sides and then an ipip tunnel so I have an interface to route through (using OSPF, or static routes)
+1I would really like to see ipsec tunnels as interfaces instead of ipsec policies. With the current policy system, It is quite difficult to handle site to site ipsec VPNs. I basically have to do a tunnel and policy for a single address on both sides and then an ipip tunnel so I have an interface to route through (using OSPF, or static routes)