Re: Vpnc pluggin needs "force-natt" option.

From: Dan Williams <dcbw redhat com>
To: mhw WittsEnd com
Cc: networkmanager-list gnome org
Subject: Re: Vpnc pluggin needs "force-natt" option.
Date: Wed, 24 Feb 2010 16:17:15 -0800

On Wed, 2010-02-24 at 18:38 -0500, Michael H. Warfield wrote:
> Hello all!
> 
> I have a situation where vpnc is failing due to an incorrect setting in
> the NetworkManager vpnc plugin.  The situation is a condition where a
> firewall or other non-NAT device is interfering with protocol 50 (esp)
> and we need NAT-T even though we are not behind a NAT.  As it so
> happens, vpnc does support this.  It's "NAT Traversal mode force-natt".
> In those environments, cli invocation of vpnc works like a charm.  But
> there appears to be no way for the NetworkManager vpnc plugin to
> configure and use this.  The force-natt option is most likely to work in
> the widest variety of environments at the cost of a slight overhead (UDP
> encapsulation).  OpenSWAN, StrongSWAN, Racoon, and vpnc all support
> this.  Just need the plugin adapted to support it as  well.  Any chance
> of getting that added to that plugin?

Seems pretty simple; to make sure it doesn't get lost I've created:

https://bugzilla.gnome.org/show_bug.cgi?id=611027

Can't promise when, but it would be a good simple bug for a new
contributor to pick up.

Dan

Follow-Ups:
- Re: Vpnc pluggin needs "force-natt" option.
  - From: Huzaifa Sidhpurwala

References:
- Vpnc pluggin needs "force-natt" option.
  - From: Michael H. Warfield

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]