On Wed, Jan 20, 2010 at 03:16:02PM +0600, Rabidinov M.A. wrote: > Hello, Freebsd-stable.
Hi. > Does FreeBSD 8.0 support IPSec NAT-T in transport mode? > I want to create a L2TP/IPSec server. My VPN clients are NATed. > L2TP server (MPD5.x) makes tunnel, so I need working IPSec NAT-T in transport > mode. > Thanks a lot. It may work..... or not.... The missing part is support of NAT-OA payloads, which are used to update checksums when receiving packets. For TCP, this is mandatory. For UDP (so for L2TP), checksums of 0 are allowed, and of course not checked, so packet will go to destination. But afaik, most L2TP implementations computes checksums, so they will be checked, and of course will be wrong.... Yvan. _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
