Why NETKEY is so bad, why KLIPS doesn't run ???
I am trying to use Linux/NET/IPSEC/NETKEY in a pro environment. There is no issue to run NETKEY stack with same multiples IP source in a NAT-T environment... Why ??? It's the reason why I'm leaving Linux... KLIPS stack knowns how to to deal with that, either is knowing PREROUTING and DNAT... Linux's IPSEC's stack doesn't know how to deal with those 2 issues :-( ... Linux/netfilter ... my love ... I'm gonna leave you ...
Last edited by Philo Bédo; 02-18-2010 at 08:30 PM.
|