From owner-freebsd-net@FreeBSD.ORG  Mon Sep  4 17:24:47 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5A59A16A4DE
	for <freebsd-net@freebsd.org>; Mon,  4 Sep 2006 17:24:47 +0000 (UTC)
	(envelope-from sullrich@gmail.com)
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 48DBC43D66
	for <freebsd-net@freebsd.org>; Mon,  4 Sep 2006 17:24:46 +0000 (GMT)
	(envelope-from sullrich@gmail.com)
Received: by ug-out-1314.google.com with SMTP id m2so1836010uge
	for <freebsd-net@freebsd.org>; Mon, 04 Sep 2006 10:24:45 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=rFEqnSLXtgQ/chTx8A3qrlNYgJLi7tBqgJOLSeVNdh6hAoHjCveueTlbPtQAST02QRYX/Y418cVdw9Gc7xY6Inqx+2F1+35rFfzk95vMKJz18EGusHEvZRcgz5A+hdiM9OW3+6L5N6QFXR8yTc8zSr9uBS/AsYAyt2KrqdLFZw8=
Received: by 10.66.249.11 with SMTP id w11mr3094830ugh;
	Mon, 04 Sep 2006 10:24:45 -0700 (PDT)
Received: by 10.67.28.14 with HTTP; Mon, 4 Sep 2006 10:24:45 -0700 (PDT)
Message-ID: <d5992baf0609041024q111de4d6t606266cf48b2d67a@mail.gmail.com>
Date: Mon, 4 Sep 2006 13:24:45 -0400
From: "Scott Ullrich" <sullrich@gmail.com>
To: "Norikatsu Shigemura" <nork@freebsd.org>
In-Reply-To: <20060905022120.19c6d62d.nork@FreeBSD.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <20060905022120.19c6d62d.nork@FreeBSD.org>
Cc: freebsd-net@freebsd.org
Subject: Re: Where is IPSec NAT-T support?
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Sep 2006 17:24:47 -0000

On 9/4/06, Norikatsu Shigemura <nork@freebsd.org> wrote:
>         I'm finding IPSec NAT-Traversal support patch for 6-stable and
>         7-current.  But I could only find it for 6.0-R and 4-stable:-(.
>         Where is IPSec NAT-T support patch?
>         And why does IPSec NAT-T support be comitted into src tree?
>         NetBSD already supports IPSec NAT-Traversal.

When building the security/ipsec-tools package this gem is displayed:

===> -------------------------------------------------------------------------
===> ATTENTION: You need a kernel patch to enable NAT-Traversal functionality!
===> You can download the patch here:
===>     http://ipsec-tools.sf.net/freebsd6-natt.diff
===> You might possibly have to do some steps manually if it fails to apply.
===> -------------------------------------------------------------------------

However, it does not compile and work on RELENG_6_1.  I too would like
to see NAT-T support committed as its a commonly requested feature for
pfSense.   This would also benefit m0n0wall if it was committed.

Scott