Hello Tom,
>> AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why
>> klips is still maintained as a "more mature" alternative. There is a 2.4
>> backport of the 2.6 ipsec stack available.
>>
>
> NAT Traversal *is* supported.
>
Thanks, I will take a look at the Racoon 2.4 backport.
Hello Tom,
>> AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why
>> klips is still maintained as a "more mature" alternative. There is a 2.4
>> backport of the 2.6 ipsec stack available.
>>
>
> NAT Traversal *is* supported.
>
Thanks, I will take a look at the Racoon 2.4 backport.
On Tuesday 21 March 2006 03:55, Eric Spakman wrote:
> Hello Natanael,
>
> > More realistic interesting things with 2.6 kernel is the new ipsec stack.
> > http://www.shorewall.net/IPSEC-2.6.html
>
> AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why klips
> is still maintained as a
Hello Tom,
>> AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why
>> klips is still maintained as a "more mature" alternative. There is a 2.4
>> backport of the 2.6 ipsec stack available.
>>
>
> NAT Traversal *is* supported.
>
Thanks, I will take a look at the Racoon 2.4 backport.
On Tuesday 21 March 2006 04:11, Natanael Copa wrote:
>
> I don't know if the 2.6 ipsec is good enough for production yet, but I
> think there are interesting things going on there.
>
Netfilter/IPSEC integration is finally standard in kernel 2.6.16. That's an
important step in the right direction
Hello Natanael,
>
> More realistic interesting things with 2.6 kernel is the new ipsec stack.
> http://www.shorewall.net/IPSEC-2.6.html
>
AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why klips
is still maintained as a "more mature" alternative. There is a 2.4
backport of the 2.6
Eric Spakman wrote:
> Hello Natanael,
>
>> More realistic interesting things with 2.6 kernel is the new ipsec stack.
>> http://www.shorewall.net/IPSEC-2.6.html
>>
>>
> AFAIK the 2.6 ipsec stack doesn't support NAT-traversal, that's why klips
> is still maintained as a "more mature" alterna
Mike Noyes wrote:
> Everyone,
> Do we gain anything by encrypting the device leaf is installed on?
>
> Example: kernel 2.6 on usb-hdd flash drive encrypted with
> cryptsetup or dm-crypt.
>
>
Its actually something that could be useful. In some situations it can
be hard/
Everyone,
Do we gain anything by encrypting the device leaf is installed on?
Example: kernel 2.6 on usb-hdd flash drive encrypted with
cryptsetup or dm-crypt.
Just something I've been thinking about since I started mentioning 2.6
and usb-hdd. I'm probably off on a useless
