Support for IPSec NAT-T in transoprt mode
Zmiter
zmiterby at gmail.com
Sun Apr 15 13:40:30 UTC 2012
14.04.2012 19:59, Bjoern A. Zeeb написал:
> On 13. Apr 2012, at 04:28 , Zmiter wrote:
>
>> Hello.
>> Does FreeBSD 8.[0-4] support IPSec NAT-T in transport mode? Or it's still in broken state?
> It's not broken; it was never implemented. No FreeBSD tree shipped does
> support transport mode at this time. There are patches but you also need
> to fix ipsec-tools or your ike daemon. If you do the latter I can commit
> the former.
>
> /bz
>
Where could I get that patches? I'd like to test them and to see what
could I do with them.
And, if it's really so difficult to implement transport mode in kernel
some way, describe it (I think, all the work for third parties will be
implemented through pfkey interface), and wait some time (or may be help
a little) until it'll be implemented in ipsec-tools.
It's not the egg and chicken problem, may be the kernel must be the
first. Or may be I'm not in theme so deep? Is it really some sort or big
and principal incompatibilities with ipsec-tools?
Thank a lot
15.04.2012
Zmiter
More information about the freebsd-stable
mailing list