Date: Fri, 24 Jul 2009 18:10:42 +0200 (CEST) From: Ingo Flaschberger <if@xip.at> To: freebsd-net@freebsd.org Subject: Re: natt (again) in 7.2 stable and a forticlient Message-ID: <alpine.LFD.1.10.0907241752070.1395@filebunker.xip.at> In-Reply-To: <alpine.LFD.1.10.0907241609180.1395@filebunker.xip.at> References: <alpine.LFD.1.10.0907232208260.25323@filebunker.xip.at> <20090724082915.GA93467@zeninc.net> <alpine.LFD.1.10.0907241609180.1395@filebunker.xip.at>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Hi,
> attached a patch for ports-security-ipsec-tools Makefile
> to disable to offer NATT-IKE-ENCAP.
aii.. bug in the batch, sorry.
attached new patch.
Kind regards,
Ingo Flaschberger
[-- Attachment #2 --]
--- Makefile_org 2009-07-24 15:01:11.000000000 +0200
+++ Makefile 2009-07-24 17:47:26.000000000 +0200
@@ -41,6 +41,7 @@
DPD "enable Dead Peer Detection" on \
NATT "enable NAT-Traversal (kernel-patch required)" on \
NATTF "require NAT-Traversal (fail without kernel-patch)" off \
+ NATNONIKE "offer NAT-Traversal UDP encapsulation only" off \
FRAG "enable IKE fragmentation payload support" on \
HYBRID "enable Hybrid, Xauth and Mode-cfg support" on \
PAM "enable PAM authentication (Xauth server)" off \
@@ -99,6 +100,10 @@
CONFIGURE_ARGS+= --disable-natt
.endif
+.ifdef(WITH_NATNONIKE)
+CONFIGURE_ARGS+= --enable-natt-versions=2,3,4,5,6,5,7,8,RFC
+.endif
+
.ifdef(WITH_FRAG)
CONFIGURE_ARGS+= --enable-frag
.else
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.LFD.1.10.0907241752070.1395>