From owner-freebsd-net@FreeBSD.ORG Thu Jul 16 12:58:02 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EBE0106566B for ; Thu, 16 Jul 2009 12:58:02 +0000 (UTC) (envelope-from phoemix@harmless.hu) Received: from marvin.harmless.hu (marvin.harmless.hu [195.56.55.204]) by mx1.freebsd.org (Postfix) with ESMTP id F36268FC15 for ; Thu, 16 Jul 2009 12:58:01 +0000 (UTC) (envelope-from phoemix@harmless.hu) Received: from [217.150.130.134] (helo=unknown) by marvin.harmless.hu with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1MRQXA-000P5Z-Vy; Thu, 16 Jul 2009 14:58:01 +0200 Date: Thu, 16 Jul 2009 14:57:59 +0200 From: Gergely CZUCZY To: VANHULLEBUS Yvan Message-ID: <20090716145759.000074c9@unknown> In-Reply-To: <20090716123836.GA85624@zeninc.net> References: <20090716143248.0000184e@unknown> <20090716123836.GA85624@zeninc.net> Organization: Harmless Digital Bt X-Mailer: Claws Mail 3.7.1 (GTK+ 2.16.0; i586-pc-mingw32msvc) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD 7.2 racoon and NAT-T X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jul 2009 12:58:02 -0000 On Thu, 16 Jul 2009 14:38:36 +0200 VANHULLEBUS Yvan wrote: > On Thu, Jul 16, 2009 at 02:32:48PM +0200, Gergely CZUCZY wrote: > > Hello, > > Hi. > > > > I'd like to ask for the state of that NAT-T support in 7.2. I've > > seen a note in ipsec-tools's OPTIONS for a required kernel patch > > for 6.x in order to have NAT-T working. Is this also required for > > 7.2? If a kernel patch is needed, is a recent patch available for > > 7.2? Does racoon needs to be patched with anything not in the port? > > http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff > and ipsec-tools 0.7.x will work together (NOT tried with very recent > versions of stable/7, please report any problem). > > > A new FreeBSD patch will be needed to be able to run with upcoming > 0.8.x (and with recent HEAD snapshots), and will be put in the same > location. Thank you very much. Would it be possible that this could be integrated? Might be with racoon, that would also be very nice. So far this is the only thing I've found in FreeBSD that needs a feature in the base install needs a 3rdparty utility in order to work at all. Would be very nice to have everything in base available to have IPSec working all around. > > > Yvan. -- Sincerely, Gergely CZUCZY Harmless Digital Bt +36-30-9702963