From owner-freebsd-net@FreeBSD.ORG Fri Dec 12 18:50:14 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2F521065672 for ; Fri, 12 Dec 2008 18:50:14 +0000 (UTC) (envelope-from sclark46@earthlink.net) Received: from elasmtp-mealy.atl.sa.earthlink.net (elasmtp-mealy.atl.sa.earthlink.net [209.86.89.69]) by mx1.freebsd.org (Postfix) with ESMTP id B28DF8FC16 for ; Fri, 12 Dec 2008 18:50:14 +0000 (UTC) (envelope-from sclark46@earthlink.net) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=pTPoLDtzUVd0mrxpCUl7J8vqnWACF21EdkhyMNGOsmwUD+hChv8xLlBk0jBtKfy3; h=Received:Message-ID:Date:From:Reply-To:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [208.118.36.229] (helo=joker.seclark.com) by elasmtp-mealy.atl.sa.earthlink.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from ) id 1LBD5Z-0003aG-L9; Fri, 12 Dec 2008 13:50:13 -0500 Message-ID: <4942B264.5020607@earthlink.net> Date: Fri, 12 Dec 2008 13:50:12 -0500 From: Stephen Clark User-Agent: Thunderbird 2.0.0.18 (X11/20081119) MIME-Version: 1.0 To: VANHULLEBUS Yvan References: <20081211122828.CF3958FC16@mx1.freebsd.org> <20081211123958.GA5332@zeninc.net> <200812121845.20262.artem@aws-net.org.ua> <20081212175500.GA2573@zeninc.net> In-Reply-To: <20081212175500.GA2573@zeninc.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-ELNK-Trace: a437fbc6971e80f61aa676d7e74259b7b3291a7d08dfec793b002ce11d456fcefb770d83ed602ad6350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 208.118.36.229 Cc: freebsd-net@freebsd.org Subject: Re: NAT-T + ipsec integration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: sclark46@earthlink.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Dec 2008 18:50:15 -0000 VANHULLEBUS Yvan wrote: > On Fri, Dec 12, 2008 at 06:45:20PM +0200, Artyom Viklenko wrote: >> On Thursday 11 December 2008 14:39:58 VANHULLEBUS Yvan wrote: > [....] >>> Actually, you can apply a patch to src/sys and recompile your kernel >>> with IPSEC_NAT_T options. >>> Patches are available here: >>> http://people.freebsd.org/~vanhu/NAT-T/ >> And what about patches for 6.4-RELEASE? > > I just not tested on 6.4 (almost all my devices moved to 7.x, and the > remaining ones will stay in 6.3 for various reasons), but 6.3 patch > should work on 6.4 if it compiles cleanly (I did NOT check every > single kernel change between 6.3 and 6.4). > > If people can test it and see some compile/runtime problems, please > report them, I'll try to fix them. > > > > Yvan. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > Are there any restrictions for nat-t on freebsd-6, like number of vpns that can be natted? Thanks, Steve -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)