<div>Hi Paul--</div>
<div> </div>
<div>I think I'm looking at a busted NATT config, as you previously suspected, but wanted to run it by folks who may know better. I keep seeing a "udp_encap_rcv(): Unhandled UDP encap type: 1" message. The SA establishes itself and I see the UDP encapsulated traffic going into the linux
2.4.21 endpoint but no return traffic (e.g., ping replies, etc.).</div>
<div> </div>
<div>When I tried a clean natt-patch and build of the 2.4.21 kernel I get a bunch of hunk-failed messages, I think only a couple succeed. I could probably upgrade within the 2.4.x series kernels but that may not be able to happen. Is there a patch that is known to work or a workaround? I tried both the
2.4.7 and 2.4.8rc1 natt patches and both failed the same way. I saw a Mandrake workaround listed when I searched the wiki but the link is broken.</div>
<div> </div>
<div>Thanks!</div>
<div> </div>
<div>Ben--<br><br> </div>
<div><span class="gmail_quote">On 3/1/07, <b class="gmail_sendername">Paul Wouters</b> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:paul@xelerance.com" target="_blank">paul@xelerance.com</a>
> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">On Thu, 1 Mar 2007, Ben Batten wrote:<br><br>> I have a 2.4.9 klips system talking to the same NATed 2.4.9
klips system,<br>> though. The difference here being mainly the 2.6.20 Netkey endpoint.<br>><br>> Is there something additional I need to do on the Netkey side to get this<br>> working? Like use setkey or something?
<br><br>A few proc settings need to be set right. ipsec verify will warn if they are<br>set wrong.</blockquote>
<div> </div>
<div> </div><br> </div>