natt (again) in 7.2 stable and a forticlient

Ingo Flaschberger if at
Thu Jul 23 20:42:13 UTC 2009

Dear Yvan,

I have tried to get natt at freebsd 7.2 stable with your patch
and ipsec-tools 0.7.2 and 0.8-alpha20090525+natt running,
but have no success.

negotiation works, but traffic from forticlient gives
esp_input_cb: authentication hash mismatch for packet in SA x.x.x.x/009320d9

Also there is no traffic seen incoming at the forticlient, but leaves the 

I have tried to figure out changes at freebsd 8.0 and the patchset, but that is at some
places new code.

Do you have any idea what breaks?
Will it work at 8.0? and does it make sense to go with 8.0?
(have seen some other ipsec patches from you that address stability)

Kind regards,
 	Ingo Flaschberger

More information about the freebsd-net mailing list