osmith
/
ipsec-gtpu-poc
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
ipsec-gtpu-poc/ipsec-gtp
History
Oliver Smith ca6dbc5d3d README: mention ip forward 2022-09-07 15:08:30 +02:00
..
client.network Initial commit 2022-09-06 16:13:57 +02:00
server.network Initial commit 2022-09-06 16:13:57 +02:00
README.md README: mention ip forward 2022-09-07 15:08:30 +02:00
client.gtp.sh *.gtp.sh: use modprobe, enable dynamic_debug 2022-09-07 11:09:16 +02:00
client.swanctl.conf use psk for server too 2022-09-07 15:02:58 +02:00
server.gtp.sh *.gtp.sh: use modprobe, enable dynamic_debug 2022-09-07 11:09:16 +02:00
server.swanctl.conf use psk for server too 2022-09-07 15:02:58 +02:00

README.md

ipsec-gtpu proof of concept

WIP scripts/configs used while researching for osmo-epdg, see https://osmocom.org/projects/osmo-epdg/wiki/EPDG_implementation_plan

Server Client
lan 10.0.0.1 10.0.0.2
ipsec 10.1.0.1 10.1.0.2
gtp 10.2.0.1 10.2.0.2

How to use:

  • enable ip forward on server and client
  • deploy configs (/etc/swanctl/swanctl.conf)
  • server: copy server.network contents to /etc/systemd/network/
  • client: copy client.network contents to /etc/systemd/network/
  • client and server: start charon-systemd (debian: systemctl start strongswan)
  • client: run swanctl --initiate --child host-host
  • client: run client.gtp.sh
  • server: run server.gtp.sh

The strongswan configs are somewhat based on this example and could be improved a lot, this is just a proof of concept.