From owner-freebsd-net@FreeBSD.ORG Fri Dec 12 13:51:24 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 467F11065678 for ; Fri, 12 Dec 2008 13:51:24 +0000 (UTC) (envelope-from nrml@att.net) Received: from smtp110.sbc.mail.mud.yahoo.com (smtp110.sbc.mail.mud.yahoo.com [68.142.198.209]) by mx1.freebsd.org (Postfix) with SMTP id 115368FC24 for ; Fri, 12 Dec 2008 13:51:23 +0000 (UTC) (envelope-from nrml@att.net) Received: (qmail 85727 invoked from network); 12 Dec 2008 13:51:23 -0000 Received: from unknown (HELO Inbox) (nrml@70.1.142.145 with login) by smtp110.sbc.mail.mud.yahoo.com with SMTP; 12 Dec 2008 13:51:21 -0000 X-YMail-OSG: uUcIyAIVM1lfHK534InIIkN5HE2.XLYXoWzX6bxyeKEiiLEWEUV1mK3VTGIggNjCJxs1ArRhXZfNmqIWPiAfb1LqozZsrauecCdFFibh36n1t_VnrB_gP0Qk5JoW6b2CAaQ.iRyqmQWL3LUS8ZHizvOX X-Yahoo-Newman-Property: ymail-3 MIME-Version: 1.0 content-class: From: Gabe Date: Fri, 12 Dec 2008 05:51:31 -0800 Importance: normal X-Priority: 3 To: VANHULLEBUS Yvan Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" Message-Id: <20081212135124.115368FC24@mx1.freebsd.org> Cc: freebsd-net@freebsd.org Subject: RE: NAT-T + ipsec integration X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Dec 2008 13:51:24 -0000 So far so good... Should I be worried that the patch file names have 'test'= in them? -----Original Message----- From: Gabe Sent: Thursday, December 11, 2008 5:31 AM To: VANHULLEBUS Yvan Cc: freebsd-net@freebsd.org Subject: RE: NAT-T + ipsec integration Ok recompiling now. Hopefully it works fine. I'll report back. Thanks. -----Original Message----- From: VANHULLEBUS Yvan Sent: Thursday, December 11, 2008 4:39 AM To: Gabe Cc: freebsd-net@freebsd.org Subject: Re: NAT-T + ipsec integration On Thu, Dec 11, 2008 at 04:02:01AM -0800, Gabe wrote: > Hello all Hi. > Does anyone know how to enable nat traversal on freebsd? >=20 > I've got a site to site ipsec tunnel setup but clients behind the > nat can't vpn through it. Any help would be appreciated. Actually, you can apply a patch to src/sys and recompile your kernel with IPSEC_NAT_T options. Patches are available here: http://people.freebsd.org/~vanhu/NAT-T/ You can also try to play with Perforce's branch, but it is still work in progress to have a cleaned up version of PFKey interface (it may work, but I just started to set up some testing hosts). To answer the question some people may ask in this thread: the whole patch should be included in TRUNK as soon as PFKey cleanup will be done (which means "implemented + heavilly tested + reviewed"). Yvan. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"