[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-pf
Subject: NAT IPSec Traffic with pf
From: Sydney Meyer <syd.meyer () gmail ! com>
Date: 2014-07-31 0:06:55
Message-ID: 9B8D62A1-8377-4D27-8E1B-816E16C96E5F () gmail ! com
[Download RAW message or body]
Got a reply in the forums from "junovitch":
"There is a bug in 10.0-RELEASE with how how the kernel is tagging the mbuf allocated \
with IPSEC packets as it gets tagged to skip firewalling. Hence PF can't NAT what it \
can't see. Short answer is you need to upgrade to 10.0-STABLE or use an older version \
of FreeBSD.
Long answers:
http://www.freebsd.org/cgi/query-pr.cgi?pr=185876 - The PR with the technical \
details. https://forums.freebsd.org/viewtopic.php?f=7&t=45691 - Same issue and the \
troubleshooting that helped find it."
Upgrading to 10 STABLE fixed the issue.
Cheers,
S.
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic