On Fri, Jan 20, 2006 at 09:53:33PM +0000, Brian Candler wrote: > > On Thu, Dec 29, 2005 at 09:50:47AM +0300, Alexey Popov wrote: > > > If we would also have NAT-T support, FreeBSD would be the best choice > > > of VPN concentrator. > > I just saw this patch posted on the ipsec-tools-devel list: > http://ipsec-tools.sf.net/freebsd6-natt.diff
I already posted the URL of this patch here some months ago, it's integration is being discussed with various people (and I never took time to send a PR). There are still some things to do from this patch, including sync with NetBSD recent features, NAT-T support for FAST_IPSEC, and provide a cleaner to help racoon's configure guess if there is kernel NAT-T support. I won't have time to work on that before next month. > It's for FreeBSD 6 but also seems to apply cleanly to 5.4, apart from one > file which I think needs this instead: I first ported FreeBSD 4's patch to FreeBSD 5, then I ported it to FreeBSD 6, and fixed some various things. FreeBSD5 to FreeBSD6 was really more a cleanup and a rediff (lines numbers changed, etc...) than a "port". Except the indentation changes you reported (introduced between FreeBSD6-RELEASE and FreeBSD6-STABLE), it should work without problems on FreeBSD5, but I don't really want to maintain a separate FreeBSD5 patch, unless there is really some important needs for it ! Yvan. -- NETASQ - Secure Internet Connectivity http://www.netasq.com _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"