Re: [strongSwan] firewall configuration on Linux for IKE and dpd?
Hello Harald, You can obviously do it, but don't need it, unless you use stateful firewall rules or accounting using conntrack. Kind regards Noel Am 27.05.21 um 14:49 schrieb Harald Dunkel: Hi folks, I wonder if it is reasonable to use connection tracking for 500/udp and 4500/udp in the iptables configuration, esp. wrt dead peer detection? Your thoughts on this? Regards Harri OpenPGP_signature Description: OpenPGP digital signature
[strongSwan] firewall configuration on Linux for IKE and dpd?
Hi folks, I wonder if it is reasonable to use connection tracking for 500/udp and 4500/udp in the iptables configuration, esp. wrt dead peer detection? Your thoughts on this? Regards Harri