[Openswan Users] NAT-T disabled
Magnus Hyllander
mhypub1 at hyllander.org
Sun May 30 20:18:33 CEST 2004
Magnus Hyllander wrote:
> May 27 02:01:09 fleming ipsec__plutorun: 003 NAT-Traversal:
> ESPINUDP(1) not supported by kernel -- NAT-T disabled
>
> Any ideas what is going wrong here? What does the warning about route
> filtering mean, and why doesn't the kernel support ESPINUDP?
Well, I finally found out why NAT-T was disabled: you have to enable it
before rebuilding the kernel.
If you follow the installation instructions in the openswan README
exactly, it doesn't work. I think it would be a good idea to mention
that after applying the NAT-T patch, you also have to reconfigure the
kernel (e.g. "make menuconfig") and enable the
CONFIG_IPSEC_NAT_TRAVERSAL option. That little piece of information is
missing in section 2.1 in the README. Once you've done this you can
proceed with building and installing the kernel and openswan.
/Magnus
More information about the Users
mailing list