-----邮件原件----- 发件人: weiping deng [mailto:[email protected]] 发送时间: 2009年10月26日 17:33 收件人: 'Daniel Mentz' 主题: 答复: [strongSwan] How can I shutdown the NAT-T feture of IKEv2
Hi, Because If two peer was placed into a no NAT environment, and one peer used strongswan, another peer used another IPsec tool. If strongswan default enable this NAT-T feature, and then the following message parsing will be encountered issues due to the "4 bytes of non-ESP" and port floating RFC3948. Best Regards, David -----邮件原件----- 发件人: Daniel Mentz [mailto:[email protected]] 发送时间: 2009年10月26日 17:13 收件人: weiping deng 抄送: 'users' 主题: Re: [strongSwan] How can I shutdown the NAT-T feture of IKEv2 weiping deng wrote: > How can I shutdown the NAT-T feature of IKEv2? http://wiki.strongswan.org/wiki/strongswan/ConfigSetupSection says "NAT traversal is always being active in IKEv2." So I guess the answer is that you can't turn it off. Please explain your motivation for turning it off. Do you expect a more secure system? -Daniel _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
