Date: Sun, 17 Sep 2006 11:58:17 -0400 From: "Scott Ullrich" <sullrich@gmail.com> To: "VANHULLEBUS Yvan" <vanhu_bsd@zeninc.net> Cc: freebsd-net@freebsd.org Subject: Re: FAST_IPSEC NAT-T support Message-ID: <d5992baf0609170858y107897c9k3039dbcb3d61d39a@mail.gmail.com> In-Reply-To: <20060917125531.GA1611@jayce.zen.inc> References: <20060914093034.A83805@gta.com> <d5992baf0609141843t5b81cf77w4d35a3a36beced1c@mail.gmail.com> <20060915091430.A45488@gta.com> <d5992baf0609150907p64ce6394y4b1fbb3309e76d53@mail.gmail.com> <20060917125531.GA1611@jayce.zen.inc>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/17/06, VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> wrote: > Make sure your ipsec-tools port have been recompiled after your system > has been patched / compiled / upgraded, and use > /usr/local/sbin/setkey. > > FreeBSD's setkey does not (yet ?) support NAT-T extensions at all. I tried both /sbin/setkey and /usr/locals/bin/setkey and both result in the same Invalid extension type errors. builder# ls -la /sbin/setkey -r-xr-xr-x 1 root wheel 56456 Jun 16 03:49 /sbin/setkey builder# ls -la /usr/local/sbin/setkey -r-xr-xr-x 1 root wheel 86472 Sep 17 15:54 /usr/local/sbin/setkey # /sbin/setkey -D Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type # /usr/local/sbin/setkey -D Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Can you think of anything else to try? I re-compiled ipsec-tools on the same host before sending this. Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d5992baf0609170858y107897c9k3039dbcb3d61d39a>