Looks good to me. On Apr 27, 2011 7:14 PM, "Justin Pettit" <[email protected]> wrote: > Some (broken) firewalls do not properly pass UDP fragments, which will > prevent IKE from completing. This commit enables the racoon option to > allow application-level fragmenting and allow security associations to > be created. > --- > debian/ovs-monitor-ipsec | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/debian/ovs-monitor-ipsec b/debian/ovs-monitor-ipsec > index febd569..0a97c88 100755 > --- a/debian/ovs-monitor-ipsec > +++ b/debian/ovs-monitor-ipsec > @@ -83,6 +83,7 @@ path certificate "%s"; > cert_entry = """remote %s { > exchange_mode main; > nat_traversal on; > + ike_frag on; > certificate_type x509 "%s" "%s"; > my_identifier asn1dn; > peers_identifier asn1dn; > -- > 1.7.1 > > _______________________________________________ > dev mailing list > [email protected] > http://openvswitch.org/mailman/listinfo/dev
_______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
