[Openswan Users] NAT-T in native stack??

Lewis Shobbrook lshobbrook at fasttrack.net.au
Wed Mar 31 18:01:49 CEST 2004


Hi Rene,

I've been testing the new native ipsec stack with FreeSwan and
encountered an issue with NAT-T.

Pluto states....

Mar 31 16:54:29 fireone pluto[3941]: Starting Pluto (FreeS/WAN Version
2.04 X.509-1.5.3 LIBCURL LDAP_V3 SMARTCARD PLUTO_USES_KEYRR)
Mar 31 16:54:29 fireone pluto[3941]:   including NAT-Traversal patch
(Version 0.6b) [disabled]
Mar 31 16:54:29 fireone pluto[3941]: Using Linux 2.6 IPsec interface
code

Indicating that the ipsec stack lacks NAT traversal, 
In the usr/doc you state...

....this native Linux IPSec stack is of high quality, has all of
the features of the latest Debian FreeSwan packages (i.e. support for
other
ciphers like AES and NAT Traversal support) and is well integrated into
the
kernel networking subsystem (which is not true for the FreeSwan kernel
modules).

Is there an incompatibility here, or am I missing something on how to
enable the NAT traversal.
I'm using the Debian native 2.4.25-1-686 kernel.

Cheers,

Lewis



More information about the Users mailing list