[Openswan Users] kernel 2.6 + openswan 2.4.5 = not NAT-T support

Paul Wouters paul at xelerance.com
Thu Apr 13 19:16:12 CEST 2006


On Thu, 13 Apr 2006, Domingo Antonio wrote:

> 	I have a kernel 2.6.16 and openswan 2.4.5
> 	I have been applied openswan-2.4.5rc7.kernel-2.6-klips.patch and
> openswan-2.4.5rc7.kernel-2.6-natt.patch, but there is no NAT-T entry in
> /proc/net/ipsec/natt... when i run ipsec verify commando i get FAILED in nat
> traversal support...

Did you run "make oldconfig" in the linux tree and answer "yes" to the new
option CONFIG_IPSEC_NAT_TRAVERSAL ?

Note that there is also a bug in the udp checksum handling when openswan
is behind NAT. See http://bugs.xelerance.com/view.php?id=601 for a workaround.

Paul


More information about the Users mailing list