Hello Dear ipsec users,

I am looking for a way to run IPSec (site-to-site) VPN in tunnel mode having tunnel as routeable interface, able to run OSPF over it.
One way is running GRE tunnel and it is a good one, but not all firewalls support it (Palo-Alto & Fortigate).

There is a way to have policy based VPN, but this is not suitable for this case since we need to manipulate traffic on route basis (via Linux routing table) and as well running OSPF. So what is my expectation is having an interface (like in GRE tunnel: gre0) called say ipsec0 and then things are getting easy. 

I did not find how to do that by ipsec-tools, but my feeling is that I am either missing something or there should be additional functionality which can help me. I understood that FreeS/WAN is possibly doing that but we are already working with KAME and prefer to stay with it of course.

Please share any ideas for this issue,
Thank you.
Alex