From owner-freebsd-questions@FreeBSD.ORG  Thu Jun 15 09:18:14 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B2E2516A41A
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Jun 2006 09:18:14 +0000 (UTC)
	(envelope-from edge_records@yahoo.com)
Received: from web34713.mail.mud.yahoo.com (web34713.mail.mud.yahoo.com
	[209.191.68.162])
	by mx1.FreeBSD.org (Postfix) with SMTP id 4690643D48
	for <freebsd-questions@freebsd.org>;
	Thu, 15 Jun 2006 09:18:14 +0000 (GMT)
	(envelope-from edge_records@yahoo.com)
Received: (qmail 6609 invoked by uid 60001); 15 Jun 2006 09:18:13 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=Message-ID:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
	b=MQYwUZVvkn8Vh0HMIKBhFtBv2PUZbLR4x+wFYiyrWGAxNx3kx65je7Q+wrmeglL2ZZ1HEe+WbtWT+sDes7eTfwsS4JDiTSLdMunYFFkjSKXjt6yXW2vjxoIkDMbDSk3wweKMnWDvWMMUwZJfgSEsRFhUpmyWc4DstIbr8KETcPI=
	; 
Message-ID: <20060615091813.6607.qmail@web34713.mail.mud.yahoo.com>
Received: from [217.86.132.238] by web34713.mail.mud.yahoo.com via HTTP;
	Thu, 15 Jun 2006 11:18:13 CEST
Date: Thu, 15 Jun 2006 11:18:13 +0200 (CEST)
From: Stephan Eckweiler <edge_records@yahoo.com>
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: Does fbsd support NAT-Traversal IPSEC VPNs?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Jun 2006 09:18:14 -0000

I found for netbsd a kernel config named "options IPSEC_NAT_T", this doesn't exist (I have fbsd 6.0 stable). Also OpenBSD has support since 3.6.
   
  Is there any way to get Nat-Traversal run, or whatever thing to encapsulate esp-packets into UDP? I'm using racoon, out of the ipsec-tools Port, which has at least such options in racoon.conf. But when I say 
   
    racoon -f /usr/local/etc/racoon.conf 
   
  and include 
   
    nat_traversal on; 
   
  the daemon doesn't start, my log says 
   
    compression algorithm cannot be checked because sadb message doesn't support it.
   
  Thanks in advance
  
Stephan

 __________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen Massenmails. 
http://mail.yahoo.com