FAST_IPSEC NAT-T support
Scott Ullrich
sullrich at gmail.com
Mon Sep 18 09:21:15 PDT 2006
On 9/18/06, VANHULLEBUS Yvan <vanhu_bsd at zeninc.net> wrote:
> By default, I have set the value of port's configuration to "kernel",
> which is exactly "use it if supported".
>
> I just checked ./configure --enable-natt=yes (which forces NAT-T
> support) on a FreeBSD 6.1 without NAT-T patchset, and I got that:
>
> checking kernel NAT-Traversal support... checking for struct
> sadb_x_nat_t_type.sadb_x_nat_t_type_len... no
> no
> checking whether to support NAT-T... yes
> configure: error: NAT-T requested, but no kernel support! Aborting.
>
>
> If I start again with just --enable-natt, I get the same.
>
> if I use --enable-natt=kernel, I'll have:
>
> checking kernel NAT-Traversal support... checking for struct
> sadb_x_nat_t_type.sadb_x_nat_t_type_len... no
> no
> checking whether to support NAT-T... no
> checking which NAT-T versions to support... none
> [etc....]
>
>
> If you are able to reproduce that problem, please send me at least the
> output of configure, and, if possible, the corresponding part of
> config.log !
Hello, here is what I attempted:
1. Reinstalled kernel with NAT-T support
2. cd /usr/ports/security/ipsec-tools && make rmconfig && make install
* Selected NAT-T support
The portions of configure that mentions NAT-T:
builder# make | grep NAT-T
===> ATTENTION: You need a kernel patch to enable NAT-Traversal functionality!
checking kernel NAT-Traversal support... checking for struct
sadb_x_nat_t_type.sadb_x_nat_t_type_len... no
checking whether to support NAT-T... no
checking which NAT-T versions to support... none
And finally the config.log file (rather long so I posted to my home directory):
http://www.pfsense.com/~sullrich/logs/ipsec-tools/config.log
Thanks for all your help!
Scott
More information about the freebsd-net
mailing list