Tommy Nevtelen wrote on 31-8-2018 16:12:
> On 2018-08-31 10:44, Daniel Polak wrote:
>
>>
>> Tommy Nevtelen wrote on 30-8-2018 23:13:
>>> We use isakmpd to interconnect 30ish routers and I would like to switch
>>> to iked, but since there is no support to run both at the same time it
>>> makes it quite hard to migrate slowly. Will basically need to do it all
>>> at the same time and that is not very good for SLAs which complicates
>>> things. Or am I missing something?
>> Would it work for you to add a separate VPN gateway with iked next to
>> the VPN gateway running isakmpd?
>> If you do that you can then set routes to direct traffic for networks
>> that have migrated to ikev2 to the iked gateway.
> Sure, there are many solutions.
> But that is kind of a lot of work and investment in hardware compared
> to just running both at the same time right?
Of course it is but if the work on and the investment in software has
not been done for you by the OpenBSD developers (or sometimes their
sponsors) then that's how it is.
Needs must.
No comments:
Post a Comment