View Single Post
  #2   (View Single Post)  
Old 2nd July 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
Join Date: May 2008
Location: USA
Posts: 7,940

Because security/vpnc is a userland implementation of IPSec, you must disable either one or two sysctls, per the installation message:
In order for vpnc to actually get any received IPsec packet, you have
to disable ESP in your kernel like this:

    sysctl net.inet.esp.enable=0

If you are behind a NAT gateway, you have to disable UDP encapsulation
as well:

    sysctl net.inet.esp.udpencap=0
This port has been discussed on the ports@ mailing list several times over the last five years:
Reply With Quote