natt (again) in 7.2 stable and a forticlient
Ingo Flaschberger
if at xip.at
Thu Jul 23 20:42:13 UTC 2009
Dear Yvan,
I have tried to get natt at freebsd 7.2 stable with your patch
http://people.freebsd.org/~vanhu/NAT-T/patch-natt-7.2-2009-05-12.diff
and ipsec-tools 0.7.2 and 0.8-alpha20090525+natt running,
but have no success.
negotiation works, but traffic from forticlient gives
esp_input_cb: authentication hash mismatch for packet in SA x.x.x.x/009320d9
error.
Also there is no traffic seen incoming at the forticlient, but leaves the
freebsd-box.
I have tried to figure out changes at freebsd 8.0 and the patchset
http://people.freebsd.org/~bz/20090523-04-natt.diff, but that is at some
places new code.
Do you have any idea what breaks?
Will it work at 8.0? and does it make sense to go with 8.0?
(have seen some other ipsec patches from you that address stability)
Kind regards,
Ingo Flaschberger
More information about the freebsd-net
mailing list