git://git.onelab.eu
/
sliver-openvswitch.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
deb69d9
)
ovs-monitor-ipsec: Allow IKE fragmentation
author
Justin Pettit
<jpettit@nicira.com>
Wed, 27 Apr 2011 15:46:38 +0000
(08:46 -0700)
committer
Ben Pfaff
<blp@nicira.com>
Fri, 29 Apr 2011 21:32:01 +0000
(14:32 -0700)
Some (broken) firewalls do not properly pass UDP fragments, which will
prevent IKE from completing. This commit enables the racoon option to
allow application-level fragmenting and allow security associations to
be created.
debian/ovs-monitor-ipsec
patch
|
blob
|
history
diff --git
a/debian/ovs-monitor-ipsec
b/debian/ovs-monitor-ipsec
index
febd569
..
0a97c88
100755
(executable)
--- a/
debian/ovs-monitor-ipsec
+++ b/
debian/ovs-monitor-ipsec
@@
-83,6
+83,7
@@
path certificate "%s";
cert_entry = """remote %s {
exchange_mode main;
nat_traversal on;
+ ike_frag on;
certificate_type x509 "%s" "%s";
my_identifier asn1dn;
peers_identifier asn1dn;