So far so good... Should I be worried that the patch file names have 'test' in them?
-----Original Message----- From: Gabe <n...@att.net> Sent: Thursday, December 11, 2008 5:31 AM To: VANHULLEBUS Yvan <va...@freebsd.org> Cc: freebsd-net@freebsd.org Subject: RE: NAT-T + ipsec integration Ok recompiling now. Hopefully it works fine. I'll report back. Thanks. -----Original Message----- From: VANHULLEBUS Yvan <va...@freebsd.org> Sent: Thursday, December 11, 2008 4:39 AM To: Gabe <n...@att.net> Cc: freebsd-net@freebsd.org Subject: Re: NAT-T + ipsec integration On Thu, Dec 11, 2008 at 04:02:01AM -0800, Gabe wrote: > Hello all Hi. > Does anyone know how to enable nat traversal on freebsd? > > I've got a site to site ipsec tunnel setup but clients behind the > nat can't vpn through it. Any help would be appreciated. Actually, you can apply a patch to src/sys and recompile your kernel with IPSEC_NAT_T options. Patches are available here: http://people.freebsd.org/~vanhu/NAT-T/ You can also try to play with Perforce's branch, but it is still work in progress to have a cleaned up version of PFKey interface (it may work, but I just started to set up some testing hosts). To answer the question some people may ask in this thread: the whole patch should be included in TRUNK as soon as PFKey cleanup will be done (which means "implemented + heavilly tested + reviewed"). Yvan. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org" _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
