Hi Tom,
I'm using similar configuration, but without keyingtries. Give it a
chance without this parameter.
And try to set local_addr = 10.17.0.3 in connections.VPN01 due to the
following:
10[CFG] looking for peer configs matching
10.17.0.3[%any]...81.xxx.yyy.zzz[81.xxx.yyy.zzz]
10[CFG] no
Did a little testing, it appears that an interface is needed, a dummy interface
allowed a connection but I'm having other problems. Need to do more testing
before I post again.
From: Users on behalf of Leroy Tennison
Sent: Wednesday, September 30, 2020 11:42
I'm trying to setup a connection between a StrongSwan behind NAT and a
directly connected Fortigate but I just can't get the connection up.
This is the relevant config:
# 10.17.0.3 is the private IP of StrongSwan
# 83.aaa.bbb.ccc is the public IP of StrongSwan where port 500 and 4500 are
NAT'd