Date: Fri, 12 Dec 2008 18:45:20 +0200 From: Artyom Viklenko <artem@aws-net.org.ua> To: freebsd-net@freebsd.org Subject: Re: NAT-T + ipsec integration Message-ID: <200812121845.20262.artem@aws-net.org.ua> In-Reply-To: <20081211123958.GA5332@zeninc.net> References: <20081211122828.CF3958FC16@mx1.freebsd.org> <20081211123958.GA5332@zeninc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 11 December 2008 14:39:58 VANHULLEBUS Yvan wrote: > On Thu, Dec 11, 2008 at 04:02:01AM -0800, Gabe wrote: > > Hello all > > Hi. > > > Does anyone know how to enable nat traversal on freebsd? > > > > I've got a site to site ipsec tunnel setup but clients behind the > > nat can't vpn through it. Any help would be appreciated. > > Actually, you can apply a patch to src/sys and recompile your kernel > with IPSEC_NAT_T options. > Patches are available here: > http://people.freebsd.org/~vanhu/NAT-T/ And what about patches for 6.4-RELEASE? > > > You can also try to play with Perforce's branch, but it is still work > in progress to have a cleaned up version of PFKey interface (it may > work, but I just started to set up some testing hosts). > > > > To answer the question some people may ask in this thread: the whole > patch should be included in TRUNK as soon as PFKey cleanup will be > done (which means "implemented + heavilly tested + reviewed"). > > > > Yvan. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" -- Sincerely yours, Artyom Viklenko. ------------------------------------------------------- artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem artem@viklenko.net | ================================ FreeBSD: The Power to Serve - http://www.freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200812121845.20262.artem>