Hi Jessie, NAT traversal cannot be disabled in the IKEv2 charon daemon. If you don't like automatic port floating to UDP/4500 due to the MOBIKE protocol (RFC 4555) which happens even if no NAT situation exists then you can disable MOBIKE by adding
mobike=no to ipsec.conf in the connection definition Regards Andreas NAT Jessie Liu wrote: > Hi all, I saw in ipsec.conf that nat_traversal configuration is only > for IKEv1. why it is non-configured in IKEv2? it should be optional, > right? if i want to disable nat traversal in ikev2, what should i do? > > > Thanks. ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
