S.P.Zeidler
2010-08-28 12:30:09 UTC
Dear all,
please review and test the patch at
http://www.netbsd.org/~spz/ipsec-natt-abi-fix.diff
The patch leans on vanhus patch for FreeBSD, but differs.
IPSEC + IPSEC-NAT-T: tested to work when not using NAT-T
(I use IPSEC but I have no counterpoint to test NAT-T against at present)
FAST_IPSEC + IPSEC-NAT-T: does not seem to work less than without the patch
IPv4 seems to work.
IPv6: I can ping6 my tunnel gateway, but nothing beyond it. It seems
to try to open a ipsec conversation to the target itself instead of
tunnelling, which is Not Allowed (and not expected).
Starting firefox (with or without the NAT-T patch) gets me a panic with
ensuing panic of ddb (with the NAT-T patch it's LOCKDEBUG, not convinced
that that is resembling the reason). I'll test FAST_IPSEC some more later.
regards,
spz
please review and test the patch at
http://www.netbsd.org/~spz/ipsec-natt-abi-fix.diff
The patch leans on vanhus patch for FreeBSD, but differs.
IPSEC + IPSEC-NAT-T: tested to work when not using NAT-T
(I use IPSEC but I have no counterpoint to test NAT-T against at present)
FAST_IPSEC + IPSEC-NAT-T: does not seem to work less than without the patch
IPv4 seems to work.
IPv6: I can ping6 my tunnel gateway, but nothing beyond it. It seems
to try to open a ipsec conversation to the target itself instead of
tunnelling, which is Not Allowed (and not expected).
Starting firefox (with or without the NAT-T patch) gets me a panic with
ensuing panic of ddb (with the NAT-T patch it's LOCKDEBUG, not convinced
that that is resembling the reason). I'll test FAST_IPSEC some more later.
regards,
spz
--
***@serpens.de (S.P.Zeidler)
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
***@serpens.de (S.P.Zeidler)
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de