Subject: Re: racoon crash/core dump
To: None <current-users@NetBSD.org>
From: Matthias Scheler <tron@zhadum.org.uk>
List: current-users
Date: 11/20/2005 12:23:31
In article <20051118080201.GA19117@azeotrope.org>,
Dave Huang <khym@azeotrope.org> writes:
> I'm trying to get an IPsec tunnel set up between a D-Link DI-804HV
> (firmware 1.41) and a NetBSD-current/i386 box (November 17 sources,
> ipsec-tools 0.6.2). The D-Link is behind a NAT, but both it and
> ipsec-tools support NAT-T, so it should work, right?
Do you enable NAT-T in your configuration? My "racoon.conf" contains
these lines:
listen {
adminsock "/var/racoon/racoon.sock" "root" "operator" 0660;
isakmp 1.2.3.4 [500];
isakmp_natt 1.2.3.4 [4500];
}
remote anonymous {
[...]
nat_traversal on;
[...]
}
Kind regards
--
Matthias Scheler http://scheler.de/~matthias/