[FreeBSD10 Bug] IPSec Nat forward Failed.
guys,I posted this article to tell you that currently there was a comitted bug in FreeBSD 10-Release-p2 ,which would not forward nat ip traffics .This bug effected strongswan IPsec tunnel. When a mobile phone successed to connect the strongswan server,phone would got virtual IP (e.g. 192.168.1.X),and you could use tcpdum to see the traffics just came from 192.168.1.X to others but without no response.
evently you could see the route with "netstat -rn" ,this would show correctly “192.168.1.X WANIP UGHS ”.
to resolv this issue you should svn your freebsd src (/usr/src) and patch it use the file below.
cd /usr/src patch -p1 < patch-10.0-RELEASE
then re-compile to build your kernel.
#1 Updated by Tobias Brunner over 6 years ago
- Tracker changed from Bug to Issue
- Status changed from New to Rejected
- Assignee set to Tobias Brunner
- Priority changed from High to Normal
- Affected version deleted (
- Resolution changed from Fixed to Invalid
This tracker is for issues with strongSwan, not bugs in operating system kernels.
If there is a bug in FreeBSD you should post that to their bug tracker.