Date: Mon, 24 Jan 2011 09:13:22 +0300 From: Alexander Zagrebin <alex@zagrebin.ru> To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-net@freebsd.org Subject: Re: NAT-T/UDPENCAP patch from stable/7 Message-ID: <20110124061321.GA67220@gw.zagrebin.ru> In-Reply-To: <20110123161137.A3489@maildrop.int.zabbadoz.net> References: <20110123161137.A3489@maildrop.int.zabbadoz.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi! On 23.01.2011 16:13:48 +0000, Bjoern A. Zeeb wrote: > here is a version of the NAT-T/UDPENCAP patch as in 8 and 9 for > today's stable/7 for anyone who might want/need it. I would > expect it will equally apply to 7.4-RELEASE once that happened. > > http://people.freebsd.org/~bz/20110123-01-stable7-natt.diff > > You will need to figure out the right version of ipsec-tools or other > IKE clients yourself though. Until now (at least on the 8.2-PRERELEASE) the setkey from the base distribution doesn't dump the SAD entries (`setkey -D`) if NAT-T is used. It reports: "Invalid extension type". Will be this fixed? -- Alexander Zagrebin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110124061321.GA67220>