Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [Ipsec-tools-devel] racoon+NAT-T and racoon+debug+IPv6 not so happy?

On Sun, Oct 26, 2008 at 12:31:21PM +0100, S.P.Zeidler wrote:
> is it old news that racoon and a kernel with NAT-T [1] will result in a
> failure to do IPSEC because the pfkey update about NAT-T fails in phase 2
> and racoon decides to fail the entire connection?

Depends on what version of racoon?  There were relatively recent fixes in the
NAT-T with Transport Mode code that allowed QM to move forward again.  (It
caused all sort of interoperability problems with the Solaris IKE.)

Can't speak about the IPv6 + stack overflow, however.


Home | Main Index | Thread Index | Old Index