Archives/opensense-docs
2
0
Fork 0
mirror of https://github.com/opnsense/docs synced 2024-10-30 21:20:20 +00:00
Code Issues Projects Releases Wiki Activity

Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Browse Source 
Hint that IPv6 transport doesn't work with UDP Encapsulation
This commit is contained in:
Monviech 2023-10-31 13:18:37 +01:00 committed by GitHub
parent 855236a9f3
commit e719d1a0ef
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
source/manual/how-tos/ipsec-swanctl-rw-ikev2-eap-mschapv2.rst
View File

@ -24,7 +24,10 @@ IPsec ``172.16.203.0/24`` ``2001:db8:1234:ec::/64``
The example users are ``John`` and ``Laura``. The example FQDN is ``vpn1.example.com``.
.. Hint::
Any IPv6 functionality is optional. If you don't want to use IPv4+IPv6 dual stack, just skip all IPv6 addresses/networks and focus on IPv4. Its also possible to skip IPv4 and create native IPv6 tunnels.
Any IPv6 functionality is optional. If you don't want to use IPv4+IPv6 dual stack, just skip all IPv6 addresses/networks and focus on IPv4.
.. Note::
It is currently not possible to use IPv6 as outer tunnel transport address. IPsec requires UDP encapsulation of ESP packets for most mobile clients. UDP encapsulation and decapsulation for IPv6 is currently unsupported by the FreeBSD 13.2 Kernel.
.. Warning::
- Don't copy security relevant configuration parameters like passwords into your configuration. Create your own!