From owner-freebsd-net@FreeBSD.ORG Thu Mar 23 17:22:47 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03E7C16A420 for ; Thu, 23 Mar 2006 17:22:47 +0000 (UTC) (envelope-from e-masson@kisoft-services.com) Received: from mallaury.nerim.net (smtp-104-thursday.noc.nerim.net [62.4.17.104]) by mx1.FreeBSD.org (Postfix) with ESMTP id 74E3C43D48 for ; Thu, 23 Mar 2006 17:22:45 +0000 (GMT) (envelope-from e-masson@kisoft-services.com) Received: from srvbsdnanssv.interne.kisoft-services.com (kisoft.net1.nerim.net [62.212.107.51]) by mallaury.nerim.net (Postfix) with ESMTP id 20C3F4F3D9; Thu, 23 Mar 2006 18:22:32 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by srvbsdnanssv.interne.kisoft-services.com (Postfix) with ESMTP id 3C1DAC6F8; Thu, 23 Mar 2006 18:22:41 +0100 (CET) Received: from srvbsdnanssv.interne.kisoft-services.com ([127.0.0.1]) by localhost (srvbsdnanssv.interne.kisoft-services.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 60213-06; Thu, 23 Mar 2006 18:22:37 +0100 (CET) Received: by srvbsdnanssv.interne.kisoft-services.com (Postfix, from userid 1001) id DA346C6E0; Thu, 23 Mar 2006 18:22:36 +0100 (CET) To: VANHULLEBUS Yvan From: Eric Masson In-Reply-To: <20060323163951.GA11458@zen.inc> (VANHULLEBUS Yvan's message of "Thu, 23 Mar 2006 17:39:51 +0100") References: <4421CCF3.9010907@shrew.net> <86odzx2lem.fsf@srvbsdnanssv.interne.kisoft-services.com> <20060323163951.GA11458@zen.inc> X-Operating-System: FreeBSD 5.4-RELEASE-p2 i386 Date: Thu, 23 Mar 2006 18:22:36 +0100 Message-ID: <86d5gd2i03.fsf@srvbsdnanssv.interne.kisoft-services.com> User-Agent: Gnus/5.1006 (Gnus v5.10.6) XEmacs/21.4 (Jumbo Shrimp, berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-Virus-Scanned: amavisd-new at interne.kisoft-services.com Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD as a VPN Client Gateway ... X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2006 17:22:47 -0000 VANHULLEBUS Yvan writes: Hi Yvan, > It should work (I'm compiling it with a modified 6.1-PRERELEASE, but > did not tried for now with just 6.1-PRERELEASE+NAT6T patch). I've forced natt support in the Makefile. > Could you send me the logs ? Asap, I have to make some place on my laptop and then transfer the vmware image I use for these tests. > nat-t support detection is quite bad actually (and not only with > FreeBSD), as it just detects NAT-T support in kernel includes, not in > compiled kernel. That's what I've seen > Have a look at your /usr/include/net/pfkeyv2.h, and see if you have > some NAT-T related stuff. This file contains the structure that the configure generated program tries to use. > I didn't have news about patent issues recently. Nice. > There are still some works to do on the patch, especially: > > - sync with Manu's recent works on NetBSD (support for multiple peers > behind the same address). > > It should not take too long to do that, and I'll work on it within > next weeks. > > - port to FAST_IPSEC. Once again, it should not take too much time to > do that. I was waiting for George's works on PFKey interface, but > looks like it won't really be a problem to merge both works, so I'll > probably do it "soon". Would be nice, as KAME ipsec stack doesn't seem to have locked atm (the box I plan to use is an old dual ppro) > But the actual version of the patch is already good enough for > integration if FreeBSd's team wants it, there are just some > (temporary) limitations which needs to be know. Great, I'll post the configure log asa the box and I are ready ;) Éric -- Tous cela, il faut que ça change. Je PAYE mon abonnement Internet et j'exige que mon vote et mes opinions soient pris en considération. -+- Rocou In GNU - Les payeurs ne sont pas les conseilleurs -+-