Thanks Tobias... That clears a lot...
Besides mobike, you mentioned that when exchange is done on 4500 and no
NATT detected.
Strong swan sends ESP as non-UDP encapsulated.
Going by some reference earlier, I recall, even if no NATT detected and
still initiator using port 4500 for Ikev2.
It can be
Hi Mukesh,
> Crux of this para is that if NAT traversal and mobike both are supported
> at both IPsec end-points, then implementation shall change to port 4500.
>
> Both peers support NAT traversal will be found at IKE_SA_INIT exchange
> and Mobike support will be found after IKE_AUTH exchange
HI All,
I have a query for scenario mentioned in RFC 4555 Sectoin 3.3.
Any input or reference will be appreciated...
Query is regarding Responder's behavior w.r.t to UDP encapsulation of
Ikev2/ESP when all exchange till IKE_Auth completion is done on port 500...
Details:
*"The addresses are