Date: Thu, 23 Mar 2006 18:22:36 +0100 From: Eric Masson <e-masson@kisoft-services.com> To: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD as a VPN Client Gateway ... Message-ID: <86d5gd2i03.fsf@srvbsdnanssv.interne.kisoft-services.com> In-Reply-To: <20060323163951.GA11458@zen.inc> (VANHULLEBUS Yvan's message of "Thu, 23 Mar 2006 17:39:51 %2B0100") References: <4421CCF3.9010907@shrew.net> <86odzx2lem.fsf@srvbsdnanssv.interne.kisoft-services.com> <20060323163951.GA11458@zen.inc>
next in thread | previous in thread | raw e-mail | index | archive | help
VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> writes: Hi Yvan, > It should work (I'm compiling it with a modified 6.1-PRERELEASE, but > did not tried for now with just 6.1-PRERELEASE+NAT6T patch). I've forced natt support in the Makefile. > Could you send me the logs ? Asap, I have to make some place on my laptop and then transfer the vmware image I use for these tests. > nat-t support detection is quite bad actually (and not only with > FreeBSD), as it just detects NAT-T support in kernel includes, not in > compiled kernel. That's what I've seen > Have a look at your /usr/include/net/pfkeyv2.h, and see if you have > some NAT-T related stuff. This file contains the structure that the configure generated program tries to use. > I didn't have news about patent issues recently. Nice. > There are still some works to do on the patch, especially: > > - sync with Manu's recent works on NetBSD (support for multiple peers > behind the same address). > > It should not take too long to do that, and I'll work on it within > next weeks. > > - port to FAST_IPSEC. Once again, it should not take too much time to > do that. I was waiting for George's works on PFKey interface, but > looks like it won't really be a problem to merge both works, so I'll > probably do it "soon". Would be nice, as KAME ipsec stack doesn't seem to have locked atm (the box I plan to use is an old dual ppro) > But the actual version of the patch is already good enough for > integration if FreeBSd's team wants it, there are just some > (temporary) limitations which needs to be know. Great, I'll post the configure log asa the box and I are ready ;) Éric -- Tous cela, il faut que ça change. Je PAYE mon abonnement Internet et j'exige que mon vote et mes opinions soient pris en considération. -+- Rocou In GNU - Les payeurs ne sont pas les conseilleurs -+-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86d5gd2i03.fsf>