Eugene Grosbein wrote: > > > And the kernel IPsec implementation has had problems with NAT > > traveral. Does it stil have problems and requre extra patches for NAT > > traveral? > > No, it has not after IPSec code overhaul in times of 11.0-STABLE. > NAT traversal works out-of-box these days not requiring extra patches.
Glad to hear that. Also, in 11.x no kernel recompilation is needed to enable IPSec. So maybe when I eventually migrate all my hosts to the 11th branch, it will be time for me to give IPSec a second chance, with all that nice if_ipsec stuff. > > It needs "nat_traversal on" in the racoon.conf, though. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
