From owner-freebsd-net@FreeBSD.ORG Fri Sep 15 06:39:26 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0CFF16A403 for ; Fri, 15 Sep 2006 06:39:26 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from leia.fdn.fr (ns0.fdn.org [80.67.169.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id 50EDD43D45 for ; Fri, 15 Sep 2006 06:39:25 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (reverse-25.fdn.fr [80.67.176.25]) by leia.fdn.fr (8.13.3/8.13.3/FDN) with ESMTP id k8F6dNw4007532 for ; Fri, 15 Sep 2006 08:39:24 +0200 Received: by smtp.zeninc.net (smtpd, from userid 1000) id 382AA3F17; Fri, 15 Sep 2006 08:39:18 +0200 (CEST) Date: Fri, 15 Sep 2006 08:39:17 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20060915063917.GA12057@zen.inc> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: All mail clients suck. This one just sucks less. Subject: Re: Where is IPSec NAT-T support? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Sep 2006 06:39:27 -0000 On Fri, Sep 15, 2006 at 06:02:38AM +0600, Kamanashis Roy Shuva wrote: > Hi, > You have done a great jop. And I find this useful today. Problem is things > are not working fine. > I have compiled freebsd with the patch > MD5 (freebsd6-natt.diff) = 81d535363981b5e84be77cbf26918ccc > for natt support. But I have problems both before and after compilation. > Note, as I tried uname I find > ------------------------------------- > localhost# uname -v > FreeBSD 6.0-RELEASE #7: Thu Sep 14 19:28:39 GMT 2006 tapan@localhost > :/usr/obj/usr/src/sys/IPSEC > ------------------------------------- > Again I have the following line in my conf file for kernel > ------------------------------------- > options IPSEC > options IPSEC_ESP > options IPSEC_DEBUG > options IPSEC_NAT_T > ------------------------------------- > and I have not compiled with fast ipsec support > But there were two problems. > 1. I cannot compile the ipsec-tools with '--enable-natt=yes'. It checks > the presence of > natt support and it fals to find that. There in configure file I find a c > program Guess you didn't "make buildworld && make installworld", so you still have the non patched version of net/pfkeyv2.h in /usr/src. [....] > -------------------------------------- > 2. the patch failed for src/sys/netkey/key.c > and I have tried to do this manually , ?????? Could you give us the .rej ? Yvan. -- NETASQ http://www.netasq.com