From: Ken Bantoft (ken_at_freeswan.ca)
Date: Thu Jan 09 2003 - 02:12:52 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 8 Jan 2003, Simpson, Doug wrote:
> Okay, my last email was a bit ignorant. 1.99 does have the NAT-t in it (as
> per your email) and what I found out on the web. However, did I have to do
> anything different during my kernel compile (I could not find a yes or no on
> this)? And if I am ready to go what do I have to config in my ipsec.conf -
> nat_traversal=yes?
Super FreeS/WAN 1.99_kb* has NAT-T in it. Standard FreeS/WAN from
www.freeswan.org does not.
You don't need to do anything different in your kernel compile, but you
*do* have to install a newly rebuild kernel. The NAT-T patching changes a
few files in the kernel TCP/IP stack to support ESP in UDP encapsulation.
- --
Ken Bantoft The Unoffical FreeS/WAN Site:
ken_at_freeswan.ca http://www.freeswan.ca
PGP Key: finger ken_at_bantoft.org
"We can factor the number 15 with quantum computers. We
can also factor the number 15 with a dog trained to bark
three times." -- Robert Harley, 5/12/01, Sci.crypt
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBPhzMlliWUusaxGxpAQHn8wQAlRieqxoP1FlZF1AEYhvpn2669D7Xu2Hd
O4klnxVWx9+GSqYDBSLAudA6g6S0PawMDuqKU9LIbyYJvdgba9xLELZHKJ/pJqWZ
h9gedmiHqqjsBJQEkcz0xB0Q2azyIfclBcwurSfw/MHup/SSXy0O7YL3YyA+ZOQq
bV25yXfJOf4=
=+A0o
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Jan 10 2003 - 05:21:18 CET