Re: FreeBSD as a VPN Client Gateway ...

VANHULLEBUS Yvan <vanhu_bsd@xxxxxxxxxx> writes:

Hi Yvan,

It should work (I'm compiling it with a modified 6.1-PRERELEASE, but
did not tried for now with just 6.1-PRERELEASE+NAT6T patch).

I've forced natt support in the Makefile.

Could you send me the logs ?

Asap, I have to make some place on my laptop and then transfer the
vmware image I use for these tests.

nat-t support detection is quite bad actually (and not only with
FreeBSD), as it just detects NAT-T support in kernel includes, not in
compiled kernel.

That's what I've seen

Have a look at your /usr/include/net/pfkeyv2.h, and see if you have
some NAT-T related stuff.

This file contains the structure that the configure generated program
tries to use.

I didn't have news about patent issues recently.

Nice.

There are still some works to do on the patch, especially:

- sync with Manu's recent works on NetBSD (support for multiple peers
behind the same address).

It should not take too long to do that, and I'll work on it within
next weeks.

- port to FAST_IPSEC. Once again, it should not take too much time to
do that. I was waiting for George's works on PFKey interface, but
looks like it won't really be a problem to merge both works, so I'll
probably do it "soon".

Would be nice, as KAME ipsec stack doesn't seem to have locked atm (the
box I plan to use is an old dual ppro)

But the actual version of the patch is already good enough for
integration if FreeBSd's team wants it, there are just some
(temporary) limitations which needs to be know.

Great, I'll post the configure log asa the box and I are ready ;)

Éric

--
Tous cela, il faut que ça change. Je PAYE mon abonnement Internet et
j'exige que mon vote et mes opinions soient pris en considération.
-+- Rocou In GNU - Les payeurs ne sont pas les conseilleurs -+-
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"