Hello Arnab, if the ip6tables default policy is DROP then you must explicitly allow UDP/500, UDP/4500 and ESP:
http://git.strongswan.org/?p=strongswan.git;a=blob;f=testing/tests/ipv6/net2net-ikev2/hosts/moon/etc/init.d/iptables;h=b3509f8dfc9b0c34baff886226685c349176df31;hb=HEAD Regards Andreas On 20.07.2011 13:04, Arnab Bakshi wrote: > Hi Andreas, > > Do we need to set any entry in iptables to ACCEPT the IKEv2 UDP ports > (500 & 4500) when using strongswan. > > Actually I am trying to bring up the session with strongswan against > one of my implementation. > > * _Strongswan info:_* > > Release version: 4.5.2 > Kernel: 2.6.35 > Linux Flavour: Ubuntu- 0.10 > > Please let me know on this?...Actually this used to work on Strongswan > release 4.2.12 with kernel 2.6.9-22.EL and if we disable firewall. > > Regards > Arnab ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users