[ previous ] [ next ] [ threads ]
 
 From:  Tim Nelson <tnelson at rockbochs dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Re: IPSEC Mobile Clients Error
 Date:  Tue, 25 Sep 2007 17:18:07 -0500 (CDT)
I have NAT-T enabled already. At this point, I'll upgrade to 1.3b3 or b4 and see if the problem is
corrected. Thanks for your help!

Tim Nelson
Systems/Network Engineer
Rockbochs Inc.
(218)727-4332

----- Original Message -----
From: "Chris Buechler" <cbuechler at gmail dot com>
Cc: m0n0wall at lists dot m0n0 dot ch
Sent: Tuesday, September 25, 2007 5:12:05 PM (GMT-0600) America/Mexico_City
Subject: Re: [m0n0wall] Re: IPSEC Mobile Clients Error


>
> It seems NAT-T does not work properly. See my previous postings.
>

I don't personally use mobile IPsec, but I know of people who do, and
are using NAT-T with no issues.


> And it seems there is fix ready (if these topics are related) that is not
> released yet
> (see topic "1.3b2 - IP fragments not passed" in group
> "gmane.comp.security.firewalls.m0n0wall.devel")
>

That was added in 1.3b3.

"added kernel patch for fragment bug in ipfilter (contributed by Frank Edwards)"
from http://m0n0.ch/wall/beta-1.3.php

-Chris

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch