Date: Thu, 12 Apr 2012 22:13:35 +0300 From: Zmiter <zmiterby@gmail.com> To: freebsd-stable@freebsd.org Subject: IPSec NAT-T in transport mode Message-ID: <4F87295F.3080801@gmail.com> In-Reply-To: <659350866.20100120151602@mail.ru> References: <659350866.20100120151602@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello. Does FreeBSD 8.[0-4] support IPSec NAT-T in transport mode? Or it's still in broken state? I need to connect NATed VPN clients through L2TP/IPSec and seeing nothing in mpd5 logs, but growing counters of bad checksums in udp packets. After some research I found an opened kern/146190 with some sort of solving the problem through disabling checksum validation, but it still not work. Every incoming UDP encapsulated ESP packet toggles two counters: udp no checksums (because of 0 value in every incoming packet udp checksum) and udp bad checksums (hmmm..., I thought it shouldn't be happen with a magic patch). So, can anyone tell me is it possible to connect my NATed VPN clients through L2TP/IPSec or it's impossible nowadays? Thanks a lot. Zmiter 12.04.2012
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F87295F.3080801>