Merr....
I noticed that the version of libreswan was 3.8, so I figured "hey, I should update that to 3.10". now nobody can connect, getting 'unsuitable connection for peer'. I didn't find a file warning me of any problems, so I shutdown the service, make install'd over top of the old one, and started it up again. Going through the change file, I don't see anything indicating I need to change my config file. Is there some trap I overlooked? -- Computerisms Bob Miller 867-334-7117 / 867-633-3760 http://computerisms.ca On Fri, 2014-10-10 at 12:31 -0400, Paul Wouters wrote: > On Fri, 10 Oct 2014, Bob Miller wrote: > > > One thing I find that seems interesting; when the android connects > > through my LAN, it uses ports 500 and 1245, whereas when it connects > > through lte, it uses random high number ports, like 59371 instead of > > 500, which the server responds too, and 48848 instead of 4500, which the > > server does not respond to. Not sure if this indicates a problem yet, > > but not sure why it is different, it seems like it shouldn't be... > > Your libreswan server must allow any port to udp port 500 and any port > to udp port 4500. The NAT is causing the android's udp (4)500 packets > to appear from random high ports. > > Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
