-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VANHULLEBUS Yvan wrote: > On Thu, Feb 01, 2007 at 11:46:49AM -0500, Eric W. Bates wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> ashoke saha wrote: >>> basic kame (racoon) as NAT_T for IKE. It did not have >>> kernel support till 6.0. you can take the patch from >>> there. >>> also NAT_T has moved from draft to RFC and do google >>> for NAT_T to get get the RFC's and also read the code >>> in the kernel patch and racoon. >> Thank you. I have installed the patch; but I suspect that deciphering >> the code is beyond my skill level. RFC 3948 is mentioned. I will start >> there. > > Hi. > > You probably don't really need to "decipher" that code, you'll just > need the skill level required to apply a patch to the kernel sources > and recompile your kernel (and recompiling your world is also probably > a good idea), then install the new headers (mainly > /usr/include/net/pfkeyv2.h). > > > Then you'll just have to recompile/reinstall ipsec-tools port, which > will autodetect NAT-T support (to be more exact, which will detect > that your /usr/include/net/pfkeyv2.h has the required structs for > NAT-T support) and which will be recompiled with such support.
Great. thanks. I've already got the new kernel; but I neglected to rebuild racoon. I will try that. > > Yvan. > - -- Eric W. Bates [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFwjuWD1roJTQ4LlERAv8DAKCYom6NqQaYoASRpXdDjVeNHXVUugCfSKzD SAXJ9YEoiPG0ZZvRxsrLxHY= =NV9F -----END PGP SIGNATURE----- _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
