route based IPsec VPN tunnel interface
sec driver provides point-to-point
tunnel interfaces for IPv4 and IPv6 protected by the
Encapsulating Security Payload (ESP) protocol.
Traffic is encapsulated in the ESP protocol and forwarded to the
remote endpoint by routing over a
rather than matching policy in the IPsec Security Policy Database (SPD).
sec interfaces require the configuration of IPsec
Security Associations (SAs) between the local and remote endpoints.
Negotiation of interface SAs is supported by
isakmpd(8) (the latter via
sec interfaces can be created at runtime
create command or by setting up a
hostname.if(5) configuration file for
netstart(8). The interface itself can be configured with
ifconfig(8); see its manual page for more information.
ipsec(4), netintro(4), hostname.if(5), pf.conf(5), ifconfig(8), iked(8), ipsecctl(8), isakmpd(8), netstart(8)
sec driver first appeared in
David Gwynne <firstname.lastname@example.org>.