On Mon, 10 Sep 2018, Matthew Johnson wrote:
> I'm running:
> Linux Libreswan 3.15 (netkey) on 2.6.32-754.2.1.el6.x86_64
> Updating is not an option...

Neither are bugs :P

> My clients are behind a NAT, which is changing the source port from 500 to
> something random and high. The server receives the packet, but the
> reply does not honor the source port, and instead replaces the random high port
> number with 500.
> The client's NAT doesn't know what to do with a reply to port 500, so drops
> the packets.
> How can I configure the server to honor the source port?

This is not a configuration item but a bug we fixed. I looked through
our CHANGES file and tried some git log grep'ing to narrow down where
we fixed it, but I couldn't find it.
So yeah, it's a bug and was fixed in the past.
Paul
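
A way to confirm the behaviour described in this thread from a packet capture taken on the server, added here as an example (not code from the thread or from Libreswan): it reads `tcpdump -n` style lines and flags server replies sent to a port the peer never used as its source port. The function name, the capture lines and the addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches the address part of `tcpdump -n` output: "IP a.b.c.d.sport > e.f.g.h.dport:"
PKT = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

def find_misdirected_replies(lines, server_ip, ike_ports=(500, 4500)):
    """Return (line_no, peer_ip, reply_dport, seen_sports) for every server
    reply sent to a port the peer never used as a source port."""
    seen = defaultdict(set)   # peer IP -> source ports observed after NAT
    findings = []
    for no, line in enumerate(lines, 1):
        m = PKT.search(line)
        if not m:
            continue
        src, sport, dst, dport = m[1], int(m[2]), m[3], int(m[4])
        if dst == server_ip and dport in ike_ports:
            seen[src].add(sport)              # request: remember the mapped port
        elif src == server_ip and sport in ike_ports and dst in seen:
            if dport not in seen[dst]:        # reply ignores the mapped port
                findings.append((no, dst, dport, sorted(seen[dst])))
    return findings

# Constructed capture lines (documentation addresses), not taken from the thread.
SAMPLE = """\
10:00:00.000001 IP 198.51.100.7.41234 > 203.0.113.10.500: isakmp: phase 1 I ident
10:00:00.000950 IP 203.0.113.10.500 > 198.51.100.7.500: isakmp: phase 1 R ident
10:00:05.000001 IP 192.0.2.44.500 > 203.0.113.10.500: isakmp: phase 1 I ident
10:00:05.000870 IP 203.0.113.10.500 > 192.0.2.44.500: isakmp: phase 1 R ident
10:00:09.000001 IP 198.51.100.7.52001 > 203.0.113.10.500: isakmp: phase 1 I ident
10:00:09.000640 IP 203.0.113.10.500 > 198.51.100.7.52001: isakmp: phase 1 R ident
""".splitlines()

if __name__ == "__main__":
    for no, peer, dport, sports in find_misdirected_replies(SAMPLE, "203.0.113.10"):
        print(f"line {no}: reply to {peer}:{dport}, peer sent from {sports}")
```

Ports are tracked per peer address as a set, so several clients behind the same NAT address do not produce false findings.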