[Openswan Users] NAT-T in native stack??
Marcel J.E. Mol
marcel at mesa.nl
Wed Mar 31 11:00:36 CEST 2004
Lewis,
did you set
nat_traversal=yes
in ipsec.conf?
I guess this as the '[disabled]' tag appears in my logs when
I set it to no or leave this out.
-Marcel
On Wed, Mar 31, 2004 at 05:01:49PM +1000, Lewis Shobbrook wrote:
> Hi Rene,
>
> I've been testing the new native ipsec stack with FreeSwan and
> encountered an issue with NAT-T.
>
> Pluto states....
>
> Mar 31 16:54:29 fireone pluto[3941]: Starting Pluto (FreeS/WAN Version
> 2.04 X.509-1.5.3 LIBCURL LDAP_V3 SMARTCARD PLUTO_USES_KEYRR)
> Mar 31 16:54:29 fireone pluto[3941]: including NAT-Traversal patch
> (Version 0.6b) [disabled]
> Mar 31 16:54:29 fireone pluto[3941]: Using Linux 2.6 IPsec interface
> code
>
> Indicating that the ipsec stack lacks NAT traversal,
> In the usr/doc you state...
>
> ....this native Linux IPSec stack is of high quality, has all of
> the features of the latest Debian FreeSwan packages (i.e. support for
> other
> ciphers like AES and NAT Traversal support) and is well integrated into
> the
> kernel networking subsystem (which is not true for the FreeSwan kernel
> modules).
>
> Is there an incompatibility here, or am I missing something on how to
> enable the NAT traversal.
> I'm using the Debian native 2.4.25-1-686 kernel.
>
> Cheers,
>
> Lewis
>
> _______________________________________________
> Users mailing list
> Users at lists.openswan.org
> http://lists.openswan.org/mailman/listinfo/users
--
======-------- Marcel J.E. Mol MESA Consulting B.V.
=======--------- ph. +31-(0)6-54724868 P.O. Box 112
=======--------- marcel at mesa.nl 2630 AC Nootdorp
__==== www.mesa.nl ---____U_n_i_x______I_n_t_e_r_n_e_t____ The Netherlands ____
They couldn't think of a number, Linux user 1148 -- counter.li.org
so they gave me a name! -- Rupert Hine -- www.ruperthine.com
More information about the Users
mailing list