Date: Fri, 15 Sep 2006 12:07:58 -0400 From: "Scott Ullrich" <sullrich@gmail.com> To: "Larry Baird" <lab@gta.com> Cc: freebsd-net@freebsd.org Subject: Re: FAST_IPSEC NAT-T support Message-ID: <d5992baf0609150907p64ce6394y4b1fbb3309e76d53@mail.gmail.com> In-Reply-To: <20060915091430.A45488@gta.com> References: <20060914093034.A83805@gta.com> <d5992baf0609141843t5b81cf77w4d35a3a36beced1c@mail.gmail.com> <20060915091430.A45488@gta.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/15/06, Larry Baird <lab@gta.com> wrote: > On Thu, Sep 14, 2006 at 09:43:38PM -0400, Scott Ullrich wrote: > > On 9/14/06, Larry Baird <lab@gta.com> wrote: > > > Please find attached two patches for adding FAST_IPSEC NAT-T support to > > > FreeBSD 6.x. The patch "freebsd6-fastipsec-natt.diff" is dependent > > > upon Yvan's IPSEC NAT-T patch "freebsd6-natt.diff" which can be found at > > > http://ipsec-tools.cvs.sourceforge.net/ipsec-tools/htdocs/. The second > > > patch "freebsd6-ipsec-fastipsec-natt.diff" is a cumulative patch > > > combining both patches together. Great, thanks! Next problem that I have encountered (with FAST_IPSEC) is: # /sbin/setkey -D Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Invalid extension type Let me know if I can do any further testing, still waiting for status reports from a few of the pfSense users, but IPSEC seems to work okay even with this small cosmetic setkey issue. Scott
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d5992baf0609150907p64ce6394y4b1fbb3309e76d53>