Date: Sun, 19 Nov 2017 22:06:07 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Victor Sudakov <vas@mpeks.tomsk.su>, Eric Masson <emss@free.fr> Cc: freebsd-net@freebsd.org, Jim Thompson <jim@netgate.com>, "Muenz, Michael" <m.muenz@spam-fetish.org> Subject: Re: OpenVPN vs IPSec Message-ID: <5A119DDF.4090809@grosbein.net> In-Reply-To: <20171119145116.GE82727@admin.sibptus.transneft.ru> References: <20171118165842.GA73810@admin.sibptus.transneft.ru> <b96b449e-3dc1-6e75-e803-e6d6abefe88e@spam-fetish.org> <20171119120832.GA82727@admin.sibptus.transneft.ru> <86o9nytmma.fsf@newsrv.interne.associated-bears.org> <20171119145116.GE82727@admin.sibptus.transneft.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
19.11.2017 21:51, Victor Sudakov wrote: > And the kernel IPsec implementation has had problems with NAT > traveral. Does it stil have problems and requre extra patches for NAT > traveral? No, it has not after IPSec code overhaul in times of 11.0-STABLE. NAT traversal works out-of-box these days not requiring extra patches. It needs "nat_traversal on" in the racoon.conf, though.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A119DDF.4090809>