[strongSwan] FreeBSD 13.1-STABLE / StrongSwan 5.9?
Tobias Brunner
tobias at strongswan.org
Mon Oct 10 19:40:43 CEST 2022
Hi Karl,
> I am running GENERIC on the gateway as the docs say
> that's now ok; I used to run a custom kernel for other reasons (mostly
> PPS which I don't use anymore as I no longer have a local NTP clock) and
> the only material difference I can see is that the 12.2-STABLE custom
> kernel has the "enc" driver included in it ("device enc") while
> GENERIC does not.
Not sure if that driver is necessary or only required to do advanced
filtering. You should definitely check if the kernel includes the
following options (or if you can kldload a module that provides them):
options IPSEC
device crypto
# also needed because the Android app requires UDP encapsulation
options IPSEC_NAT_T
Regards,
Tobias
More information about the Users
mailing list