basic kame (racoon) as NAT_T for IKE. It did not have
kernel support till 6.0. you can take the patch from
there.
also NAT_T has moved from draft to RFC and do google
for NAT_T to get get the RFC's and also read the code
in the kernel patch and racoon.
assuming you are talking about ipsec NAT_T.
yes, i also did my own pvt patch . i think PFKEY needs
to be modified for scalability . We should be able to
send multiple commands, SPIs, policy id and different
actions for each etc.
ashoke.
--- VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> On Tue, Jan 02, 2007 at 08:28:01PM -080
t way
it was running out of mbuf cluster limit for process.
maybe that is also fixed.
ashoke.
--- VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> On Tue, Jan 02, 2007 at 02:59:59AM -0800, ashoke
> saha wrote:
> > Hi ,
>
> Hi.
>
>
> > just joined the mail
Hi ,
just joined the mailibng list. I was implementing
NAT traversal based on the patch and my kernel was
panicking because of wrong ipsec config, which it
should not whatever be the config.
Looks like there is a small issue in the code
http://ipsec-tools.sourceforge.net/freebsd6-natt.diff
whi
