From owner-freebsd-net@FreeBSD.ORG Wed Nov 1 03:04:43 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B4A4316A407 for ; Wed, 1 Nov 2006 03:04:43 +0000 (UTC) (envelope-from ml@t-b-o-h.net) Received: from vjofn.tucs-beachin-obx-house.com (vjofn.tucs-beachin-obx-house.com [204.107.90.128]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3D00E43D5C for ; Wed, 1 Nov 2006 03:04:24 +0000 (GMT) (envelope-from ml@t-b-o-h.net) Received: from himinbjorg.tucs-beachin-obx-house.com (c-69-249-95-230.hsd1.nj.comcast.net [69.249.95.230]) (authenticated bits=0) by vjofn.tucs-beachin-obx-house.com (8.12.9/8.12.9) with ESMTP id kA134Gmt030608 for ; Tue, 31 Oct 2006 22:04:16 -0500 (EST) Received: from himinbjorg.tucs-beachin-obx-house.com (localhost.tucs-beachin-obx-house.com [127.0.0.1]) by himinbjorg.tucs-beachin-obx-house.com (8.13.6/8.13.6) with ESMTP id kA134Bct063368 for ; Tue, 31 Oct 2006 22:04:11 -0500 (EST) (envelope-from ml@t-b-o-h.net) Received: (from tbohml@localhost) by himinbjorg.tucs-beachin-obx-house.com (8.13.6/8.13.6/Submit) id kA134Bwi063367 for freebsd-net@freebsd.org; Tue, 31 Oct 2006 22:04:11 -0500 (EST) (envelope-from tbohml) From: "Tuc at T-B-O-H.NET" Message-Id: <200611010304.kA134Bwi063367@himinbjorg.tucs-beachin-obx-house.com> To: freebsd-net@freebsd.org Date: Tue, 31 Oct 2006 22:04:11 -0500 (EST) X-Mailer: ELM [version 2.5 PL8] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Where is IPSec NAT-T support? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Nov 2006 03:04:43 -0000 >From Larry: > >> I'm interesting FAST_IPSEC support:-). > > > > if Larry or someone else have quickly some time to do it, please let > > me know. > > > > If no one else port that (it shouldn't be too difficult, but takes > > some time), I'll do it "ASAP"..... > I'll make the time. Should have something in the next day or two. > > Larry I was wondering where this is. I applied the FreeBSD6 patch to 5.5-RELEASE-p8 and compiled out of FreeBSD ports. I've had all sorts of issues getting it working. I recompiled with : # This file is auto-generated by 'make config'. # No user-servicable parts inside! # Options for ipsec-tools-0.6.6 _OPTIONS_READ=ipsec-tools-0.6.6 WITH_DEBUG=true WITH_IPV6=true WITH_ADMINPORT=true WITH_STATS=true WITH_DPD=true WITHOUT_NATT=true WITH_FRAG=true WITHOUT_HYBRID=true WITHOUT_PAM=true WITHOUT_GSSAPI=true WITHOUT_RADIUS=true WITHOUT_SAUNSPEC=true WITHOUT_RC5=true WITHOUT_IDEA=true As soon as I did, my configuration immediately worked. Are there still known NATT issues? Thanks, Tuc