[Openswan Users] Forcing udp-encaps when not on a NAT'd
connection?
Michael Richardson
mcr at sandelman.ottawa.on.ca
Thu Jun 10 15:55:16 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Mathieu" == Mathieu Lafon <mlafon at arkoon.net> writes:
>> I'm wondering if there is a way to force Openswan to use UDP
>> Encapsulation when you're not on a NAT'd connection. This would
>> be useful, for example,
Mathieu> #define FORCE_NAT_TRAVERSAL in pluto/nat_traversal.c ?
I think that the best way to have pluto lie in the NAT-T hashes, so
that both ends conclude that there is NAT involved. This should be done
on a per-conn basis.
- --
] "Elmo went to the wrong fundraiser" - The Simpson | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQMiuk4qHRg3pndX9AQE0TwP/YtcbFVoR9/H9oAmwQIyMcD/DBaG0Mxdt
eaVQJTOHpfMajbVgscIHubcr5Xs8g6jOI4axRc2e/Lu7cIbzJAG0S41vz4f6gY8+
+mYezLZmkpmxyR8/hC0XVYev7AgTJl9fQQVWp9Ci/bEutKD8QNkdYZ180OAvBY9b
2x0guDdga4c=
=PDBu
-----END PGP SIGNATURE-----
More information about the Users
mailing list