Hi Tobias,
I forgot about this yesterday, but this was actually a bug in 4.5.0.
While charon detects that it is behind a NAT, and properly responds to
requests, it does not update the port internally and still uses port 500
for its own requests and for installing the SA in the kernel.
Thank you for any help and pointers.
Kim Zeitler
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Hi Tobias,
Very strange. Due to the NAT this packet should actually be sent from
port 4500 to port 4500. The complete log of moon (and sun) would help
to see whether there is something wrong with the NAT detection etc.
Here are excerpts of the two log files. I tried to get similar time
Hello Andreas,
I tried to use the iPad's pure-IPsec configuration, and no ESP
packets were seen. So I concluded that with L2TP-over-IPsec I was
one step more close to the goal ;-)
from your mail I see that you tried to use a 'pure' ipsec connection.
In my experience L2TP is to much hazzle
Hello,
as our company has expanded lately we introduced strogSwan to our
infrastructure to allow both Windows7 Roadwarriors and Site-to-Site
connections.
The RW Setup works like a charm and gives us no trouble at all. But out
Site-to-Site setup shows some strange behaviour.
This 'strange'