[Openswan Users] Debian 2.6.8 NAT-T not supported by kernel
Herbert Xu
herbert at gondor.apana.org.au
Fri Aug 20 13:36:43 CEST 2004
Lewis Shobbrook <lshobbrook at fasttrack.net.au> wrote:
>
> Just installed a new 2.6.8 kernel and discovered something unusual.
>
> Aug 20 11:16:52 fatswan pluto[30870]: NAT-Traversal: ESPINUDP(1) not
> supported by kernel -- NAT-T disabled
> Aug 20 11:16:52 fatswan pluto[30870]: adding interface lo/lo ::1
> Aug 20 11:16:52 fatswan pluto[30870]: NAT-Traversal: ESPINUDP(2) not
> supported by kernel -- NAT-T disabled
> Aug 20 11:16:52 fatswan pluto[30870]: adding interface lo/lo ::1:4500
You either want to disable IPv6 or apply the following patch which is
already in HEAD.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
Index: programs/pluto/server.c
===================================================================
RCS file: /public/cvs/openswan-2/programs/pluto/server.c,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- programs/pluto/server.c 22 Jul 2004 14:14:59 -0000 1.98
+++ programs/pluto/server.c 7 Aug 2004 01:48:18 -0000 1.99
@@ -710,7 +710,7 @@
break;
#ifdef NAT_TRAVERSAL
- if (nat_traversal_support_non_ike)
+ if (nat_traversal_support_non_ike && addrtypeof(&ifp->addr) == AF_INET)
{
nat_traversal_espinudp_socket(fd, ESPINUDP_WITH_NON_IKE);
}
@@ -727,7 +727,7 @@
openswan_log("adding interface %s/%s %s"
, q->vname, q->rname, ip_str(&q->addr));
#ifdef NAT_TRAVERSAL
- if (nat_traversal_support_port_floating) {
+ if (nat_traversal_support_port_floating && addrtypeof(&ifp->addr) == AF_INET) {
fd = create_socket(ifp, v->name, NAT_T_IKE_FLOAT_PORT);
if (fd < 0)
break;
More information about the Users
mailing list