I’m trying to implement a connection between Amazon VPC and Strongswan.
The first problem i got into is error while i’m bringing up the linux VTI interface up. I want to make a route-based Ipsec VPN. As i understand Amazon AWS supports Ipsec over IPV4, that means the tunnel interface mode whould be vti, right ?
So on Centos 7.x i got error while doing:
# ifup GRE_awssg1 ERROR : [/etc/sysconfig/network-scripts/ifup-eth] Device GRE_awssg1 does not seem to be present, delaying initialization.
The config is as follows:
# File Managed by Puppet DEVICE="GRE_awssg1" BOOTPROTO="none" ONBOOT="yes" TYPE="vti" USERCTL="no" PEERDNS="no" PEERNTP="no" PEER_OUTER_IPADDR=18.104.22.168 PEER_INNER_IPADDR=169.254.225.237 MY_OUTER_IPADDR=22.214.171.124 MY_INNER_IPADDR=169.254.225.238 NETMASK="255.255.255.252" MTU="1436"
Any opinions ? Thanks