Date:      Sat, 15 Jul 2000 15:12:57 -0700 (PDT)
From:      Doug White <dwhite@resnet.uoregon.edu>
To:        Antony Russell <tony@oct.co.za>
Cc:        freebsd-stable@FreeBSD.ORG
Subject:   Re: natd and VPN client
Message-ID:  <Pine.BSF.4.21.0007151508500.82740-100000@resnet.uoregon.edu>
In-Reply-To: <004b01bfee26$a7399540$6a481fc4@oct.co.za>

On Sat, 15 Jul 2000, Antony Russell wrote:

> Using the -v option to natd I have discovered that the connection is set up
> correctly using UDP. Thereafter the VPN client tries to communicate with the
> VPN software with protocol 50 which is defined as ESP (Encapsulating
> Security Payload) in the protocols file. Unfortunately natd does not perform
> any translation on ESP packets and the VPN connection then fails.

This sounds strangely like pptp.

> Can anyone out there tell me why natd behaves like this and if it would be
> possible to change this behaviour? Alternatively, is there another natd-like
> application that I could use instead?

The natd in -CURRENT and -STABLE after June 20 has a redirect_protocol
option that you can use to redirect all inbound ESP packets to a specific
internal machine (or vice versa).  That or hack natd/libalias to teach it
how to NAT ESP packets, which is no small feat.

Doug White                    |  FreeBSD: The Power to Serve
dwhite@resnet.uoregon.edu     |  www.FreeBSD.org
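
The following is an added example, not part of the original message and not natd or libalias code: a simplified model of how a NAT gateway chooses an internal host for an inbound packet, showing why the UDP setup phase can be mapped by port while protocol 50 (ESP) can only be handled by a static whole-protocol redirect of the kind the reply describes. All addresses, the UDP port, the SPI, and the function names are constructed for illustration, and TCP is left out to keep the model small.

```python
import socket
import struct

UDP, ESP = 17, 50  # IP protocol numbers; 50 is ESP, as in the protocols file

def build_ipv4(proto, src, dst, payload):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) plus payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def parse(packet):
    """Return (proto, layer-4 bytes) using the header length from the IHL field."""
    ihl = (packet[0] & 0x0F) * 4
    return packet[9], packet[ihl:]

def esp_fields(l4):
    """ESP begins with a 32-bit SPI and a 32-bit sequence number, no ports."""
    return struct.unpack("!II", l4[:8])

def inbound_target(packet, port_map, proto_redirect):
    """Pick the internal host for a packet arriving on the public address.

    port_map:       {(proto, public_port): internal_ip}, learned from outbound flows
    proto_redirect: {proto: internal_ip}, a static whole-protocol rule
    Returns the internal IP, or None when there is nothing to match on.
    """
    proto, l4 = parse(packet)
    if proto == UDP and len(l4) >= 4:
        _, dport = struct.unpack("!HH", l4[:4])
        return port_map.get((proto, dport))
    # No port fields to look up: only a per-protocol rule can place the packet.
    return proto_redirect.get(proto)

# Constructed sample traffic (documentation address ranges, made-up port and SPI).
INSIDE = "192.168.1.10"
PORT_MAP = {(UDP, 500): INSIDE}
SAMPLE_UDP = build_ipv4(UDP, "203.0.113.5", "198.51.100.1",
                        struct.pack("!HHHH", 500, 500, 8, 0))
SAMPLE_ESP = build_ipv4(ESP, "203.0.113.5", "198.51.100.1",
                        struct.pack("!II", 0x1000, 1) + b"\x00" * 16)

if __name__ == "__main__":
    print("UDP, port table only:    ", inbound_target(SAMPLE_UDP, PORT_MAP, {}))
    print("ESP, port table only:    ", inbound_target(SAMPLE_ESP, PORT_MAP, {}))
    print("ESP, with proto redirect:",
          inbound_target(SAMPLE_ESP, PORT_MAP, {ESP: INSIDE}))
    print("ESP SPI/seq:", esp_fields(parse(SAMPLE_ESP)[1]))
```

Because the redirect is keyed on the protocol number alone, it can place inbound ESP on only one internal machine per public address.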
