https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Darryn Nicol changed:
What|Removed |Added
See Also||https://bugs.freebsd.org/bu
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
--- Comment #9 from Alex Dupre ---
Just built a 11-STABLE kernel over an AWS AMI 11.0-RELEASE and the tunnel went
up fine (IKEv1/ESP, tunnel mode, very low traffic). It's been running for a few
minutes without issues, but I don't know what
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
--- Comment #8 from Andrey V. Elsukov ---
(In reply to Alex Dupre from comment #7)
> Does this mean that StrongSwan will finally work OOTB on FreeBSD 11.1? :-)
You can test and report. I have one report about panics with strongswan on
stab
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Alex Dupre changed:
What|Removed |Added
CC||a...@freebsd.org
--- Comment #7 from
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Andrey V. Elsukov changed:
What|Removed |Added
Status|Open|Closed
Resolution|---
IPSEC_SUPPORT added. It enables support for loading
and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
support was removed. Added TCP/UDP checksum
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
--- Comment #5 from Ben Woods ---
Note that the IPSEC_NAT_T option was removed in r313330 commit to FREEBSD
12-CURRENT.
https://svnweb.freebsd.org/base?view=revision&revision=313330
This commit has not been merged to stable (at least
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Bug 212018 depends on bug 128030, which changed state.
Bug 128030 Summary: [ipsec] Enable IPSec in GENERIC kernel configuration
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=128030
What|Removed |Added
28030 had not been closed. Note that this PR212018
still had not been committed in FreeBSD 11 (IPSEC_NAT_T is still not in the
GENERIC kernel configuration).
--
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-net@freebs
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
--- Comment #3 from Darryn Nicol ---
(In reply to Kubilay Kocak from comment #2)
I'm not sure why that hasn't been closed off yet but IPSEC made it into GENERIC
in 11.0.
--
You are receiving this mail because:
You are the assignee for the
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Kubilay Kocak changed:
What|Removed |Added
See Also|https://bugs.freebsd.org/bu |
|gzilla/show_bu
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
martin.larss...@gmail.com changed:
What|Removed |Added
CC||martin.larss...@gmail.co
Flags||mfc-stable10?,
||mfc-stable11?
Summary|[ipsec] [request] Enable|Enable IPSEC_NAT_T in
|IPSEC_NAT_T in GENERIC |GENERIC kernel
|kernel configuration
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212018
Mark Linimon changed:
What|Removed |Added
Summary|[ipsec] Enable IPSEC_NAT_T |[ipsec] [request] Enable
On Thu, 26 Jun 2008 11:51:26 -0500, mgrooms <[EMAIL PROTECTED]> wrote:
>
> ESP transport with NAT-T may need NAT-OA support, which is not
> provided by the actual patch, nor by userland.
>
I checked in Timos patch for NAT-T original address support into
ipsec-tools last December. This will be a
Hi!
> > But when the host is placed over NAT, everything stops working.
> > After negotiates IKE and key additions to the database SA traffic does
> > not pass. "tcpdump enc0" shows that traffic is decoded normaly, but then
> > he does not processed, packets discarded.
> > Counters ipfw to rule 1 d
On Thu, Jun 26, 2008 at 04:09:00PM +0600, Daniil Harun wrote:
> Dear sirs!
Hi.
I forgot to reply your private mail this morning, but it's still
better to have the question and the answer on a public ML, it may be
useful for other people.
> Sorry for my bad English! I ask to help me, if you have
(FreeBSD 7.0):
options IPSEC
options IPSEC_NAT_T
device enc
device crypto
device cryptodev
Racoon config:
listen
{
isakmp 80.85.151.51 [500];
isakmp_natt 80.85.151.51 [4500];
}
timer
{
natt_keepalive 10 sec;
}
remote a
On Sat, Jan 05, 2008 at 04:55:21PM -0500, Lyle Scott III wrote:
> I applied the IPSEC_NAT_T patch from
> http://vanhu.free.fr/FreeBSD/patch-natt-freebsd6-2007-05-31.diff to FreeBSD
> 6.2-release-p9
> yesterday to include IPSEC_NAT_T support.
> i did a make buildworld buil
I applied the IPSEC_NAT_T patch from
http://vanhu.free.fr/FreeBSD/patch-natt-freebsd6-2007-05-31.diff to FreeBSD
6.2-release-p9
yesterday to include IPSEC_NAT_T support.
i did a make buildworld buildkernel && make installworld installkernel &&
shutdown -r now
Now when i reco
i applied the patch from
http://vanhu.free.fr/FreeBSD/patch-natt-freebsd6-2007-05-31.diff to get
nat-t working with my racoon set up.
Do I need 'option IPSEC_NAT_T' in my kernel or will it automatically be
built?
The reason I ask is when I apply the patch.. i sucessfully do a '
On Fri, Oct 13, 2006 at 04:55:18PM +0200, Joerg Pernfuss wrote:
> On Fri, 13 Oct 2006 16:32:01 +0200
> VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
>
> > I don't know what will happen if you define IPSEC_NAT_T, but not IPSEC
> > / FAST_IPSEC, guess it will genera
On Fri, 13 Oct 2006 16:32:01 +0200
VANHULLEBUS Yvan <[EMAIL PROTECTED]> wrote:
> I don't know what will happen if you define IPSEC_NAT_T, but not IPSEC
> / FAST_IPSEC, guess it will generate the same thing as if you didn'
> define IPSEC_NAT_T.
Or it won't compile be
On Sat, Oct 14, 2006 at 12:27:22AM +1000, Sam Wun wrote:
> in the kernel config file, what if I only define options IPSEC_NAT_T without
> defining FAST_IPSEC?
> I m not familiar with FAST_IPSEC, if I compile IPSEC_NAT_T with or without
> FAST_IPSEC, what s that going to affect my c
in the kernel config file, what if I only define options IPSEC_NAT_T without
defining FAST_IPSEC?
I m not familiar with FAST_IPSEC, if I compile IPSEC_NAT_T with or without
FAST_IPSEC, what s that going to affect my current IPSEC configuration and
connection?
Thanks
S
On 10/13/06, VANHULLEBUS
On Fri, Oct 13, 2006 at 10:56:25PM +1000, [EMAIL PROTECTED] wrote:
> Hi,
Hi.
> I tried to compile freebsd 6.2 prerelease source with "options
> IPSEC_NAT_T", but it said "unknown option "IPSEC_NAT_T"" when I
> build it
>
> Had IPSEC_NAT_T patch al
Hi,
I tried to compile freebsd 6.2 prerelease source with "options IPSEC_NAT_T",
but it said "unknown option "IPSEC_NAT_T"" when I build it
Had IPSEC_NAT_T patch already built into the 6.2 pre source?
If not, where
27 matches
Mail list logo
