[Openswan Users] Bug 1021 Workaround ? O2.6.21+K2.6.25+NAT-T
Paul Wouters
paul at xelerance.com
Tue May 12 13:46:07 EDT 2009
On Tue, 12 May 2009, samuel_formulaires wrote:
> - 2.6.22dr1 indeed fixes the ipsec0/mast0 thing, now even when
> nat_trav=yes, I see netif_rx(ipsec0) instead of (mast0) in debug and VPN
> works
Thanks for the feedback on this
> - seems like i no longer have the inactivity problem (when no trafic
> through VPN for hours, must down/up tunnel)
Good :)
> BUT
> I did have to apply ftp://ftp.openswan.org/openswan/testing/nat-t/*,
> otherwise it seems to search for old style natt (which fails because
> make nattpatch fails on K2.6.25), while you replied "No" to my question :
>
>> Do I use ftp://ftp.openswan.org/openswan/testing/nat-t/ like I did on
>> openswan-2.6.21 ?
>
> No. <<----
>
> Can this NAT-T patches stuff be cleared ?
I am doing some testing right now to determine the exact status. The idea
is to incorporate the those testing/nat-t, which no longer patch the kernel,
into openswan so no separate patches are needed and klips can be build as
a module with full nat-t support.
I'll get back to you on this one.
Paul
More information about the Users
mailing list