From owner-freebsd-net@FreeBSD.ORG  Thu Jul 16 12:38:37 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D6970106566C
	for <freebsd-net@freebsd.org>; Thu, 16 Jul 2009 12:38:37 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25])
	by mx1.freebsd.org (Postfix) with ESMTP id 972328FC15
	for <freebsd-net@freebsd.org>; Thu, 16 Jul 2009 12:38:37 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from astro.zen.inc (astro.zen.inc [192.168.1.239])
	by smtp.zeninc.net (smtpd) with ESMTP id 7A5D52798BD;
	Thu, 16 Jul 2009 14:38:36 +0200 (CEST)
Received: by astro.zen.inc (Postfix, from userid 1000)
	id 4CE0A17046; Thu, 16 Jul 2009 14:38:36 +0200 (CEST)
Date: Thu, 16 Jul 2009 14:38:36 +0200
From: VANHULLEBUS Yvan <vanhu@FreeBSD.org>
To: Gergely CZUCZY <phoemix@harmless.hu>
Message-ID: <20090716123836.GA85624@zeninc.net>
References: <20090716143248.0000184e@unknown>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20090716143248.0000184e@unknown>
User-Agent: All mail clients suck. This one just sucks less.
Cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD 7.2 racoon and NAT-T
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jul 2009 12:38:38 -0000

On Thu, Jul 16, 2009 at 02:32:48PM +0200, Gergely CZUCZY wrote:
> Hello,

Hi.


> I'd like to ask for the state of that NAT-T support in 7.2. I've seen a
> note in ipsec-tools's OPTIONS for a required kernel patch for 6.x in
> order to have NAT-T working. Is this also required for 7.2?
> If a kernel patch is needed, is a recent patch available for 7.2?
> Does racoon needs to be patched with anything not in the port?

http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff
and ipsec-tools 0.7.x will work together (NOT tried with very recent
versions of stable/7, please report any problem).


A new FreeBSD patch will be needed to be able to run with upcoming
0.8.x (and with recent HEAD snapshots), and will be put in the same
location.


Yvan.