Hi Kim, > On our IPSec GW moon we can see following message repeatedly in our log > files: > ------------------------ > Mar 19 11:02:45 moon charon: 14[NET] sending packet: from > 192.168.2.17[4500] to sun[500]
Very strange. Due to the NAT this packet should actually be sent from port 4500 to port 4500. The complete log of moon (and sun) would help to see whether there is something wrong with the NAT detection etc. > Mar 19 11:02:46 moon charon: 01[KNL] NAT mappings of ESP CHILD_SA > with SPI c2aa0995 and reqid {804} changed, queuing update job This seems strange too as this should not really happen for the host *behind* the NAT (unless the other end is natted too, of course) - and only if the actual endpoints have changed. A possible reason could be that sun sends ESP packets from port 4500 while moon has port 500 configured (if the port used above is any indication). > Moon is running: Linux strongSwan U4.5.0/K2.6.37.6-0.5-desktop > Sun is running: Linux strongSwan U4.2.8/K2.6.27.7-9-pae Hm, 4.2.8 is quite old not sure if that plays a part in this. Regards, Tobias _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users