[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(racoon 854) Re: Racoon NAT-T Transport Mode
- To: firstname.lastname@example.org
- Subject: (racoon 854) Re: Racoon NAT-T Transport Mode
- From: Michal Ludvig <email@example.com>
- Date: Thu, 4 Nov 2004 22:00:34 +0100 (CET)
- Delivered-to: firstname.lastname@example.org
- Delivered-to: email@example.com
- Delivered-to: firstname.lastname@example.org
- Delivered-to: email@example.com
- In-reply-to: <1gmqxyk.7ic2c8rvvh3Mfirstname.lastname@example.org>
- References: <1gmqxyk.7ic2c8rvvh3Memail@example.com>
- Reply-to: firstname.lastname@example.org
- Sender: email@example.com
On Thu, 4 Nov 2004, Emmanuel Dreyfus wrote:
> Michal Ludvig <firstname.lastname@example.org> wrote:
> > IPsec-tools racoon doesn't support NAT-OA payload that is required for
> > transport mode byt the standard. It is quite some time since I wrote the
> > NAT-T support so I'm not sure how much work would it be to add it...
> Not that much, IMO. Implementing OA will also make possible to use
> multiple machines from behind a NAT.
I doubt it will help on Linux. It is missing OA handling at all (you
can pass it to the kernel but the structure is never used).
BTW Having multiple clients behind a NAT doesn't work in Tunnel mode?
But for Tunnel mode NAT-OA isn't transmitted anyway (as written in RFC).
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal