Search the archives for the cisco nat-t problem, I sent a mail with more details and I think there was a patch with it. Pretty sure that would have affected older OpenBSD versions too though.
Christoph Leser <le...@sup-logistik.de> wrote: > > > >On Feb 28, 2012, Stuart Henderson wrote: > > >List: openbsd-misc<http://marc.info/?l=openbsd-misc&r=1&w=2> >Subject: Re: Router project on OpenBSD >questions<http://marc.info/?t=133037173000006&r=1&w=2> >From: Stuart Henderson <stu () spacehopper ! >org><http://marc.info/?a=103971340500002&r=1&w=2> >Date: 2012-02-28 >13:57:45<http://marc.info/?l=openbsd-misc&r=1&w=2&b=201202> >Message-ID: slrnjkpnao.r14.stu () naiad ! spacehopper ! >org<http://marc.info/?i=slrnjkpnao.r14.stu%20()%20naiad%20!%20spacehopper%20 !%20org> >[Download message >RAW<http://marc.info/?l=openbsd-misc&m=133043766530365&q=raw>] > > >>IPsec is mostly compatible but there's a bit of breakage if the ipsec >>gateways are behind NAT (because Cisco still follows a very old nat-t >draft >>rather than the standard). > > > >I think I have read similar remarks about NAT-T and Cisco >interoperability. But I have found no details about what the problem is >with cisco. > > >I completely failed when I tried to move from OBSD 4.6 to OBSD 5.2, >because of NAT-T trouble with cisco. I described my experience in a >message to this list 'ISAMPD NAT trouble with openBSD 5.2 > > >Any hints to information about interoperabilty issues with cisco ( and >possible solutions ) would be highly welcome > > > > >Mit freundlichen GrüÃen > >Christoph Leser > >S&P Computersysteme GmbH >Zettachring 4 >70567 Stuttgart Fasanenhof > >EMail: le...@sup-logistik.de
