Date: Sat, 23 Jan 2010 10:09:00 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
To: Nat Howard <freebsd-stable@track.pupworks.com>
Cc: freebsd-stable@freebsd.org
Subject: Re: IPSec NAT-T in transport mode
Message-ID: <20100123100713.X50938@maildrop.int.zabbadoz.net>
In-Reply-To: <B0B23035-26CD-45AE-96A0-D16957412C70@track.pupworks.com>
References: <B0B23035-26CD-45AE-96A0-D16957412C70@track.pupworks.com>
On Fri, 22 Jan 2010, Nat Howard wrote:

> I'm very interested in this problem -- I want to run an L2TP server myself. Is anyone actually working on this? I might be able to chip in a few bucks...
>
> But I'm not seeing bad checksums. Here's my setup:
>
>
> L2tp server A<---------------->B Freebsd NAT box C <-----------internal network----------->D my mac
>
> Where should I be seeing the bad checksums? A, B, C, or D?
>
>
> Looking only at B, I don't see any bad udp checksums, but I'm seeing a bunch of these (IP numbers changed to bracketed names):

This doesn't say if you are using IPsec but I will assume so, that
would mean that your D "my mac" would initiate the connection and the
A node "L2tp server" would then be the other end. If that's a FreeBSD
box as well, you should check statistics there. The NAT gateway in
between has nothing to do with this, only the IPsec ends.

/bz

--
Bjoern A. Zeeb         It will not break if you know what you are doing.