[Openswan Users] NAT-T Malformed Payload
David McCullough
david_mccullough at mcafee.com
Mon May 10 19:44:52 EDT 2010
Jivin vinaykumar muralidharan lays it down ...
> I am seeing lot of Malformed Packets when NAT-T is enabled on my linux box and the tunnel takes more time to get established.
> Also when i configure nhelpers=0, I am not seeing any malformed packets and the tunnel establishment is instantaneous. When NAT-T is disabled I am not seeing any issues. Could any one tell me why this is happening and what does nhelpers do. I am using netkey stack.
What version are you using ? This sounds like a bug that has been fixed.
nhelpers=0 was the workaround. It's to do with pluto's async userspace
crypto.
Cheers,
Davidm
--
David McCullough, david_mccullough at mcafee.com, Ph:+61 734352815
McAfee - SnapGear http://www.mcafee.com http://www.uCdot.org
More information about the Users
mailing list