Re: [strongSwan] Changing IKE port

Wed, 13 Jul 2016 10:04:34 -0700 

Hi Tobias,


That's unfortunate, because it would have been interesting to see
whether the client added a non-ESP marker to the packet or not (four
zero bytes).  If neither port is 500 charon expects that to be the case,
if not the packet is silently discarded after it has been read from the
socket.



Sorry. Here is a the complete log. This time, I recompiled Strongswan 
with socket-dynamic plugin.



Jul 13 18:44:44 ikev2 charon: 03[NET] received packet => 184 bytes @ 
0xafaa49f0
Jul 13 18:44:44 ikev2 charon: 03[NET]    0: 46 F9 B2 43 68 DA 95 DA 00 
00 00 00 00 00 00 00  F..Ch...........
Jul 13 18:44:44 ikev2 charon: 03[NET]   16: 01 10 02 00 00 00 00 00 00 
00 00 B8 0D 00 00 38  ...............8
Jul 13 18:44:44 ikev2 charon: 03[NET]   32: 00 00 00 01 00 00 00 01 00 
00 00 2C 01 01 00 01  ...........,....
Jul 13 18:44:44 ikev2 charon: 03[NET]   48: 00 00 00 24 00 01 00 00 80 
01 00 07 80 02 00 04  ...$............
Jul 13 18:44:44 ikev2 charon: 03[NET]   64: 80 03 00 03 80 04 00 05 80 
0B 00 01 80 0C 03 20  ...............
Jul 13 18:44:44 ikev2 charon: 03[NET]   80: 80 0E 00 80 0D 00 00 14 44 
85 15 2D 18 B6 BB CD  ........D..-....
Jul 13 18:44:44 ikev2 charon: 03[NET]   96: 0B E8 A8 46 95 79 DD CC 0D 
00 00 14 90 CB 80 91  ...F.y..........
Jul 13 18:44:44 ikev2 charon: 03[NET]  112: 3E BB 69 6E 08 63 81 B5 EC 
42 7B 1F 0D 00 00 14  >.in.c...B{.....
Jul 13 18:44:44 ikev2 charon: 03[NET]  128: 7D 94 19 A6 53 10 CA 6F 2C 
17 9D 92 15 52 9D 56  }...S..o,....R.V
Jul 13 18:44:44 ikev2 charon: 03[NET]  144: 0D 00 00 14 4A 13 1C 81 07 
03 58 45 5C 57 28 F2  ....J.....XE\W(.
Jul 13 18:44:44 ikev2 charon: 03[NET]  160: 0E 95 45 2F 00 00 00 14 AF 
CA D7 13 68 A1 F1 C9  ..E/........h...
Jul 13 18:44:44 ikev2 charon: 03[NET]  176: 6B 86 96 FC 77 57 01 00 
                    k...wW..
Jul 13 18:44:44 ikev2 charon: 03[NET] received packet: from 
192.168.30.200[6701] to 192.168.30.22[6701]

Jul 13 18:44:44 ikev2 charon: 03[NET] waiting for data on sockets

I am doing my tests with the VPN Client and Strongswan in the same LAN.

Regards.

Eric Boudrand
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users





















					Reply via email to