Date: Fri, 12 Dec 2008 22:41:55 +0200 (EET) From: Artyom Viklenko <artem@aws-net.org.ua> To: VANHULLEBUS Yvan <vanhu@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: NAT-T + ipsec integration Message-ID: <alpine.BSF.2.00.0812122236300.94200@nys.njf-arg.bet.hn> In-Reply-To: <20081212175500.GA2573@zeninc.net> References: <20081211122828.CF3958FC16@mx1.freebsd.org> <20081211123958.GA5332@zeninc.net> <200812121845.20262.artem@aws-net.org.ua> <20081212175500.GA2573@zeninc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Dec 2008, VANHULLEBUS Yvan wrote: > On Fri, Dec 12, 2008 at 06:45:20PM +0200, Artyom Viklenko wrote: >> On Thursday 11 December 2008 14:39:58 VANHULLEBUS Yvan wrote: > [....] >>> Actually, you can apply a patch to src/sys and recompile your kernel >>> with IPSEC_NAT_T options. >>> Patches are available here: >>> http://people.freebsd.org/~vanhu/NAT-T/ >> >> And what about patches for 6.4-RELEASE? > > I just not tested on 6.4 (almost all my devices moved to 7.x, and the > remaining ones will stay in 6.3 for various reasons), but 6.3 patch > should work on 6.4 if it compiles cleanly (I did NOT check every > single kernel change between 6.3 and 6.4). > > If people can test it and see some compile/runtime problems, please > report them, I'll try to fix them. Just applied the patch to 6.4-RELEASE. Kernel was compiles successfully and ipsec-tools (racoon) also was compiled successufully with NAT-T. Racoon started and reported about NAT-T support. So far so good! Will try to run IPSec tunnel may be in couple of weeks. Thanks a lot! -- Sincerely yours, Artyom Viklenko. ------------------------------------------------------- artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem FreeBSD: The Power to Serve - http://www.freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0812122236300.94200>