R: [Openswan Users] NAT-T Issue on 2.4.26 kernel - WORKS!!!

Sebastian Zdrojewski sebastian.zdrojewski at technomind.it
Tue Apr 27 16:23:36 CEST 2004 

Last message for today folks :)

Thanks for helping, I got the system fine working!! =:)

client <---> NAT <---> (INTERNET) <---> Server

This is my laboratory configuration and is currently working with L2TP/IPsec configuration.

I am also working on a HOW-TO in (hope soon) both italian and english version :) I will try a new install tomorrow from a plain tree to see what's the problem when applying the patch.

Thanks again,

Sebastian "En3pY" Zdrojewski

-

> -----Messaggio originale-----
> Da: Axel Thimm [mailto:Axel.Thimm at ATrpms.net]
> Inviato: martedì 27 aprile 2004 14.59
> A: Sebastian Zdrojewski
> Cc: users at openswan.org
> Oggetto: Re: [Openswan Users] NAT-T Issue on 2.4.26 kernel
> 
> On Tue, Apr 27, 2004 at 01:41:23PM +0200, Sebastian Zdrojewski wrote:
> >
> > Hello all,
> >
> > I am new to the list, so please forgive me if I am asking something that
> > may be already answered.
> >
> > I am actually compiling openswan-2.1.2rc3 on a Linux box using the
> > source tree for 2.4.26 kernel. It works fine without the NAT-T
> > functionality (I am working on a L2TP/IPsec gateway).
> >
> > When I started to look for the NAT-T feature in /var/log/secure I am
> > finding this error:
> >
> > Apr 27 01:29:32 xxxxx pluto [PIDno]: NAT:Traversal: ESPINUDP(1) not
> > supported by kernel -- NAT-T disabled
> >
> > Now: I am looking for more information about this (I didn't get this
> > problem with 1.0.3 version) and I can't understand what's wrong. The
> > kernel seems to be compiled correctly. I've tried both methods compiling
> > using the "make menugo", by applying the kernel-patch file, and even
> > using the "make nattpatch"... but result is still the same.
> >
> > Anybody have a suggestion?
> 
> You need to apply the patch generated my nattpatch against the kernel
> and rebuild the kernel. You can also start right away with
> 
> http://www.openswan.org/code/openswan-2.1.2rc3.natt.patch.gz
> 
> and if you like also patch right in the openswan patch
> 
> http://www.openswan.org/code/openswan-2.1.2rc3.kern.patch.gz
> 
> I'd be very interested, if you get this going, as there seem to be
> problems with this combination at least when starting with Fedora Core
> kernel sources. Therefore a verification/falsification of issues would
> be very helpful. Thanks!
> 
> > Thanks in advance,
> >
> > En3pY
> >
> > -
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> 
> --
> Axel.Thimm at ATrpms.net

More information about the Users mailing list