natt (again) in 7.2 stable and a forticlient
Ingo Flaschberger
if at xip.at
Fri Jul 24 16:10:46 UTC 2009
Hi,
> attached a patch for ports-security-ipsec-tools Makefile
> to disable to offer NATT-IKE-ENCAP.
aii.. bug in the batch, sorry.
attached new patch.
Kind regards,
Ingo Flaschberger
-------------- next part --------------
--- Makefile_org 2009-07-24 15:01:11.000000000 +0200
+++ Makefile 2009-07-24 17:47:26.000000000 +0200
@@ -41,6 +41,7 @@
DPD "enable Dead Peer Detection" on \
NATT "enable NAT-Traversal (kernel-patch required)" on \
NATTF "require NAT-Traversal (fail without kernel-patch)" off \
+ NATNONIKE "offer NAT-Traversal UDP encapsulation only" off \
FRAG "enable IKE fragmentation payload support" on \
HYBRID "enable Hybrid, Xauth and Mode-cfg support" on \
PAM "enable PAM authentication (Xauth server)" off \
@@ -99,6 +100,10 @@
CONFIGURE_ARGS+= --disable-natt
.endif
+.ifdef(WITH_NATNONIKE)
+CONFIGURE_ARGS+= --enable-natt-versions=2,3,4,5,6,5,7,8,RFC
+.endif
+
.ifdef(WITH_FRAG)
CONFIGURE_ARGS+= --enable-frag
.else
More information about the freebsd-net
mailing list