Package: isakmpd Version: 20041012-1 I tried to establish an ipsec tunnel from Linux to OpenBSD. Both machines are in the same physical network, without any gateway inbetween: - Debian/unstable, kernel 2.6.12-1 with isakmpd-20041012-1 - OpenBSD 3.7 with isakmpd in passive mode
After some messages on port 500, the linux client switches to port 4500, trying to negotiate NAT-T. Here are some log message from the linux box: 204040.533994 Exch 10 nat_t_check_vendor_payload: NAT-T capable peer detected 204040.534016 Exch 10 dpd_check_vendor_payload: DPD capable peer detected 204040.534238 Exch 10 exchange_run: unexpected payload VENDOR 204040.534259 Exch 10 exchange_run: unexpected payload VENDOR 204040.738062 Exch 10 nat_t_exchange_check_nat_d: NAT detected, we're behind it There is a patch available which solved the problem for me: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.6/common/005_isakmpd.patch The patch applies cleanly to the Debian package. Ralf -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
