Support for NAT-Traversal in isakmpd was added just recently (yesterday or so). The support is for ESP-tunnels only, not AH or transport mode. So far, it has only been tested between various OpenBSD/isakmpd boxes, and I would appreciate if people could try to test this against other vendors and mail me the results.

To test, first update isakmpd to -current, anoncvs should have the sources by now. There is no special isakmpd configuration required to activate NAT-T, it's all automatic. However, you need to run "sysctl net.inet.esp.udpencap=1" on both sides, as well as permitting UDP port 4500 in addition to the normal 500.

If it does not work, mail me a description of the problem, the last 2-300 lines from 'isakmpd -d -DA=90 -L', and the output from 'tcpdump -nvr /var/run/isakmpd.pcap'. (You'll probably want to update tcpdump as well.)

Thanks,
Håkan
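
When reading a capture from such a test, it helps to tell apart the three kinds of traffic that share UDP port 4500. The following Python classifier is an added example, not part of the original post or of isakmpd; it assumes the UDP/4500 framing defined in RFC 3948, and its function names and sample packets are constructed for illustration.

```python
import struct
from collections import Counter

IKE_PORT, NATT_PORT = 500, 4500
NON_ESP_MARKER = b"\x00" * 4   # precedes IKE messages on port 4500
ISAKMP_HDR_LEN = 28            # cookies(16) + np/ver/xchg/flags(4) + msgid(4) + len(4)
ESP_HDR_LEN = 8                # SPI(4) + sequence number(4)

def classify_udp_payload(sport, dport, payload):
    """Classify one UDP payload seen on the IKE or NAT-T port."""
    ports = {sport, dport}     # a NAT may rewrite one side, so check both
    if NATT_PORT in ports:
        if payload == b"\xff":
            return "nat-keepalive"
        if len(payload) < 4:
            return "malformed"
        if payload[:4] == NON_ESP_MARKER:
            ok = len(payload) >= 4 + ISAKMP_HDR_LEN
            return "ike" if ok else "malformed"
        # Non-zero first word is an ESP SPI: UDP-encapsulated ESP.
        return "esp-in-udp" if len(payload) >= ESP_HDR_LEN else "malformed"
    if IKE_PORT in ports:
        return "ike" if len(payload) >= ISAKMP_HDR_LEN else "malformed"
    return "other"

def summarize(packets):
    """Count payload kinds over (sport, dport, payload) tuples."""
    return Counter(classify_udp_payload(s, d, p) for s, d, p in packets)

# Constructed sample data (not taken from a real capture).
IKE_MSG = struct.pack(">8s8sBBBBII", b"I" * 8, b"\x00" * 8,
                      1, 0x10, 2, 0, 0, ISAKMP_HDR_LEN)
ESP_PKT = struct.pack(">II", 0x12345678, 1) + b"\xaa" * 16
SAMPLE_PACKETS = [
    (500, 500, IKE_MSG),                     # initial exchange on port 500
    (40001, 4500, NON_ESP_MARKER + IKE_MSG), # IKE floated to 4500 behind NAT
    (40001, 4500, ESP_PKT),                  # tunnel traffic, ESP in UDP
    (4500, 40001, ESP_PKT),                  # reply direction
    (40001, 4500, b"\xff"),                  # NAT keepalive
    (40001, 4500, b"\x00\x00"),              # truncated, cannot be classified
]

if __name__ == "__main__":
    for kind, count in sorted(summarize(SAMPLE_PACKETS).items()):
        print(f"{kind:14s} {count}")
```
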