[ previous ] [ next ] [ threads ]
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: IPSEC Mobile Clients Error
 Date:  Tue, 25 Sep 2007 18:12:05 -0400
On 9/25/07, Marek Läll <marek dot lall at neti dot ee> wrote:
> It seems NAT-T does not work properly. See my previous postings.

I don't personally use mobile IPsec, but I know of people who do, and
are using NAT-T with no issues.

> And it seems there is fix ready (if these topics are related) that is not
> released yet
> (see topic "1.3b2 - IP fragments not passed" in group
> "gmane.comp.security.firewalls.m0n0wall.devel")

That was added in 1.3b3.

"added kernel patch for fragment bug in ipfilter (contributed by Frank Edwards)"
from http://m0n0.ch/wall/beta-1.3.php