Hi,
We are working to setup an IPSec PSK VPN between the 4G router and
StrongSwan which resides on a public server in road warrior configuration,
with the 4G router being the road warrior clients.
Cisco 819 4G router ( Road warrior client) ---CGNAT
--
Thanks Tobias... That clears a lot...
Besides mobike, you mentioned that when exchange is done on 4500 and no
NATT detected.
Strong swan sends ESP as non-UDP encapsulated.
Going by some reference earlier, I recall, even if no NATT detected and
still initiator using port 4500 for Ikev2.
It can be
Hi Mukesh,
> Crux of this para is that if NAT traversal and mobike both are supported
> at both IPsec end-points, then implementation shall change to port 4500.
>
> Both peers support NAT traversal will be found at IKE_SA_INIT exchange
> and Mobike support will be found after IKE_AUTH exchange
