
swapnilpp at yahoo
Oct 17, 2009, 1:39 PM
Re: vpnc-nortel for MAC OS (working!)
Hi Antonio,

Thank you for all the help. I now have a working nortel VPN on MAC OSX. I found that setup_sockaddr_in macro did not set sa_len (or sin_len) and therefore the SPD entry was not set up correctly to tunnel the traffic. Uncommenting this line fixed the tunnel.

    (sain)->sin_len = sizeof(struct sockaddr_in);

I also wrote a VPNC script with split network (Attachment) and using scutil for setting DNS entries.

Cheers
Swapnil

--- On Fri, 10/16/09, Antonio Borneo <borneo.antonio[at]gmail.com> wrote:

From: Antonio Borneo <borneo.antonio[at]gmail.com>
Subject: Re: [vpnc-devel] vpnc-nortel for MAC OS (almost!)
To: "vpnc list" <vpnc-devel[at]unix-ag.uni-kl.de>, "swapnil pandit" <swapnilpp[at]yahoo.com>
Date: Friday, October 16, 2009, 12:30 PM

Ciao Swapnil,
well spotted!
I do not have access to a Mac system, so your finding is really helpful.
The parameter sa_len is used in BSD-like systems, and it seems Mac is one of them.
But this parameter does not exist in Linux.
To support multiple platforms, the code needs something more.
The file sysdep.h already defines a macro HAVE_SA_LEN, that can be used for this purpose.

    #ifdef HAVE_SA_LEN
    addr->sa_len = sizeof (struct sockaddr);
    #endif

As for the routing configuration, I suggest you check the differences inside the package "ipsec-tools" (a.k.a. "racoon"), in the file
./src/racoon/samples/roadwarrior/client/phase1-up.sh
This script sets up the routing, and uses different commands for Linux and NetBSD.
I expect the commands for NetBSD could be used on Mac too.

Let me know!

Best Regards,
Antonio Borneo

On Thu, Oct 15, 2009 at 7:42 AM, swapnil pandit <swapnilpp[at]yahoo.com> wrote:
>
> Hi Antonio
> I applied your patch over the -r414 and got a successful build. Initially I was getting "error writing PF_KEY socket: Invalid argument" and then I realized that http://www.ietf.org/rfc/rfc2367.txt mandates setting of sa_len parameter in sockaddr.
> Made a small change in kernel_ipsec.c samb_append_address and added the following before memcpy.
> "addr->sa_len = sizeof (struct sockaddr);"
> The problem went away and I can report a successful connection.
>
> My configuration: Intel Snow Leopard 10.6.
> Now the problem part: In your initial port you suggested the following vpnc-script changes.
> #> ifconfig eth0:1 ${INTERNAL_IP4_ADDRESS} netmask ${INTERNAL_IP4_NETMASK}
> #> ip route replace default via ${DEFAULTGW} dev eth0:1 src ${INTERNAL_IP4_ADDRESS}
> In OSX I am unable to create a route with source address IP selection. Without that I can't transfer data. I hope you can give me some pointers.
> Thanks
> Swapnil
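
Added example, not part of the original thread and not vpnc's own code: a portable way to build the sockaddr that goes into a PF_KEY (RFC 2367) address extension, setting sin_len only where the field exists, as the HAVE_SA_LEN suggestion above describes. The ex_ names, the local header struct and the platform test that defines HAVE_SA_LEN are assumptions made for this illustration; 192.0.2.10 is a constructed documentation address.

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
/* Assumption: stands in for the HAVE_SA_LEN macro the thread says sysdep.h defines. */
#if !defined(HAVE_SA_LEN) && (defined(__APPLE__) || defined(__FreeBSD__) || \
    defined(__NetBSD__) || defined(__OpenBSD__))
#define HAVE_SA_LEN 1
#endif

/* Hypothetical local copy of the 8-byte RFC 2367 address extension header. */
struct ex_sadb_address {
    uint16_t len;               /* whole extension, in 64-bit words */
    uint16_t exttype;
    uint8_t  proto, prefixlen;
    uint16_t reserved;
};
#define EX_EXT_ADDRESS_SRC 5    /* value of SADB_EXT_ADDRESS_SRC in RFC 2367 */
#define EX_ALIGN8(n) (((n) + 7u) & ~(size_t)7u)

/* Append header + sockaddr_in to buf. Returns bytes written, 0 on error. */
static size_t ex_append_address(uint8_t *buf, size_t cap, uint16_t exttype, const char *ip)
{
    struct sockaddr_in sain;
    struct ex_sadb_address hdr;
    size_t total = sizeof(hdr) + EX_ALIGN8(sizeof(sain));
    memset(&sain, 0, sizeof(sain));
    sain.sin_family = AF_INET;
    if (total > cap || inet_pton(AF_INET, ip, &sain.sin_addr) != 1)
        return 0;
#ifdef HAVE_SA_LEN
    sain.sin_len = sizeof(struct sockaddr_in);  /* BSD/macOS: must not stay 0 */
#endif
    memset(&hdr, 0, sizeof(hdr));
    hdr.len = (uint16_t)(total / 8);
    hdr.exttype = exttype;
    hdr.prefixlen = 32;                         /* single host address */
    memset(buf, 0, total);
    memcpy(buf, &hdr, sizeof(hdr));
    memcpy(buf + sizeof(hdr), &sain, sizeof(sain));
    return total;
}

int main(void)
{
    uint8_t buf[64];    /* expect 24 bytes: 8-byte header + 16-byte sockaddr_in */
    return ex_append_address(buf, sizeof(buf), EX_EXT_ADDRESS_SRC, "192.0.2.10") == 24 ? 0 : 1;
}
```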