On Sun, Sep 24, 2006 at 11:53:53PM +0900, Norikatsu Shigemura wrote:
[]
Hi.
> I'm testing IPSec NAT-T BETWEEN 6.2-PRERELEASE with freebsd6-
> ipsec-fastipsec-natt.diff + nokey.diff AND Windows XP like
> following environment:
>
[.]
>
> I couldn't dial-up VPN f
On Thu, 14 Sep 2006 09:30:34 -0400
Larry Baird <[EMAIL PROTECTED]> wrote:
> Please find attached two patches for adding FAST_IPSEC NAT-T support to
> FreeBSD 6.x. The patch "freebsd6-fastipsec-natt.diff" is dependent
> upon Yvan's IPSEC NAT-T patch "freebs
On Mon, Sep 18, 2006 at 09:43:41PM +0200, Joerg Pulz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi,
Hi.
> first of all, a big thanks to Yvan and Larry, and all others, for their
> work. IPSEC_NAT_T is working fine for me with either IPSEC or FAST_IPSEC
> with RELENG_6 as ser
On 18 Sep 2006 18:00:53 -, Larry Baird <[EMAIL PROTECTED]> wrote:
>From my testing on a new 6.x box I just set up, I was wondering if
this was the step that was being left out. Glad to hear it was something
easy.
Thanks for all of the help, I am now up and running after the
installworld.
On Mon, Sep 18, 2006 at 09:43:41PM +0200, Joerg Pulz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> Hi,
>
> first of all, a big thanks to Yvan and Larry, and all others, for their
> work. IPSEC_NAT_T is working fine for me with either IPSEC or FAST_IPSEC
> with RELENG_6 as serv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
first of all, a big thanks to Yvan and Larry, and all others, for their
work. IPSEC_NAT_T is working fine for me with either IPSEC or FAST_IPSEC
with RELENG_6 as server and FAST_IPSEC with CURRENT (small modifications
after patching where nec
In article <[EMAIL PROTECTED]> you wrote:
> On Mon, 18 Sep 2006, Scott Ullrich wrote:
>
>> 1. Reinstalled kernel with NAT-T support
>
> you need to re-install the includes/header files too (which is part of
> installworld).
>From my testing on a new 6.x box I just set up, I was wondering if
this
On 9/18/06, Bjoern A. Zeeb <[EMAIL PROTECTED]> wrote:
On Mon, 18 Sep 2006, Scott Ullrich wrote:
> 1. Reinstalled kernel with NAT-T support
you need to re-install the includes/header files too (which is part of
installworld).
Okay, now that makes more sense. For the record, I am using FreeSBI
On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
On Mon, Sep 18, 2006 at 03:04:04PM +, Bjoern A. Zeeb wrote:
On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
By default in FreeBSd's port, NAT-T support is enabled if support is
detected on the system (checks for some structs in
include/net/pfkeyv2
On Mon, 18 Sep 2006, Scott Ullrich wrote:
1. Reinstalled kernel with NAT-T support
you need to re-install the includes/header files too (which is part of
installworld).
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
___
freebsd
On 9/18/06, VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
By default, I have set the value of port's configuration to "kernel",
which is exactly "use it if supported".
I just checked ./configure --enable-natt=yes (which forces NAT-T
support) on a FreeBSD 6.1 without NAT-T patchset, and I got that:
On Mon, Sep 18, 2006 at 03:04:04PM +, Bjoern A. Zeeb wrote:
> On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
>
> >By default in FreeBSd's port, NAT-T support is enabled if support is
> >detected on the system (checks for some structs in
> >include/net/pfkeyv2.h).
> >
> >Can you compile again ips
On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
By default in FreeBSd's port, NAT-T support is enabled if support is
detected on the system (checks for some structs in
include/net/pfkeyv2.h).
Can you compile again ipsec-tools port, but not clean it, and check in
config.h if you have NAT-T support
On Sun, Sep 17, 2006 at 11:58:17AM -0400, Scott Ullrich wrote:
> On 9/17/06, VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> >Make sure your ipsec-tools port have been recompiled after your system
> >has been patched / compiled / upgraded, and use
> >/usr/local/sbin/setkey.
> >
> >FreeBSD's setkey do
On 9/17/06, VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
Make sure your ipsec-tools port have been recompiled after your system
has been patched / compiled / upgraded, and use
/usr/local/sbin/setkey.
FreeBSD's setkey does not (yet ?) support NAT-T extensions at all.
I tried both /sbin/setkey an
On Fri, Sep 15, 2006 at 12:07:58PM -0400, Scott Ullrich wrote:
[]
> Next problem that I have encountered (with FAST_IPSEC) is:
>
> # /sbin/setkey -D
> Invalid extension type
> Invalid extension type
> Invalid extension type
> Invalid extension type
> Invalid extension type
> Invalid extension
On 9/15/06, Larry Baird <[EMAIL PROTECTED]> wrote:
Just to be sure I understand the issue. You have a kernel built
with the FAST_IPSEC NAT-T patches but without the IPSEC_NAT_T option.
Your VPNs work but you are unable to dump your SAD entries.
No, I have it built with options IPSEC_NAT_T and
lease find attached two patches for adding FAST_IPSEC NAT-T support to
> > > > FreeBSD 6.x. The patch "freebsd6-fastipsec-natt.diff" is dependent
> > > > upon Yvan's IPSEC NAT-T patch "freebsd6-natt.diff" which can be found at
> > > > http://i
On 9/15/06, Larry Baird <[EMAIL PROTECTED]> wrote:
On Thu, Sep 14, 2006 at 09:43:38PM -0400, Scott Ullrich wrote:
> On 9/14/06, Larry Baird <[EMAIL PROTECTED]> wrote:
> > Please find attached two patches for adding FAST_IPSEC NAT-T support to
> > FreeBSD 6.x. Th
On Thu, Sep 14, 2006 at 09:43:38PM -0400, Scott Ullrich wrote:
> On 9/14/06, Larry Baird <[EMAIL PROTECTED]> wrote:
> > Please find attached two patches for adding FAST_IPSEC NAT-T support to
> > FreeBSD 6.x. The patch "freebsd6-fastipsec-natt.diff" is dependent
&g
On Fri, Sep 15, 2006 at 09:24:03AM +, Bjoern A. Zeeb wrote:
> Hi,
Hi.
> [just replying to a random mail of one of the various NAT-T threads
> at this point]
>
> I had started to review the code (to find some problems people had
> with the patch) and came up with the following so far. This
Hi,
[just replying to a random mail of one of the various NAT-T threads
at this point]
I had started to review the code (to find some problems people had
with the patch) and came up with the following so far. This work
was done based on the old freebsd6-natt.diff which is no longer
available:(
On 9/14/06, Larry Baird <[EMAIL PROTECTED]> wrote:
Please find attached two patches for adding FAST_IPSEC NAT-T support to
FreeBSD 6.x. The patch "freebsd6-fastipsec-natt.diff" is dependent
upon Yvan's IPSEC NAT-T patch "freebsd6-natt.diff" whi
23 matches
Mail list logo
