Re: [Ipsec-tools-devel] Updated FreeBSD NAT-T patches
Brought to you by:
mit_warlord,
netbsd
From: VANHULLEBUS Y. <va...@fr...> - 2005-04-29 14:37:14
|
On Fri, Apr 29, 2005 at 08:56:08AM -0400, Larry Baird wrote: > Yes. I configured two greenbow clients behind the same NAT device > with small lifetimes. I then started continuous pings from both of > the client workstations. No problems were found. Hi. I just made a *really quick* review of the diff between a sys tree + "official" patch and a sys tree with your new version of the patch. You should at least do a sed /IPSEC_NAT_T/ENABLE_NATT/ on the source tree, or a sed /ENABLE_NATT/IPSEC_NAT_T/ if you want, or something else, I don't know, but at least to have a single define for all NAT-T code in the kernel !!! I'll try to do some more checks on that patch (without FAST_IPSEC, but with multiple IPSEC peers behind the same IP) on next days, then commit it, as it seems to work with FAST_IPSEC. Yvan. |