If you care, you can just use a DNAT rule in *nat OUTPUT (if you use Linux) to redirect the packets to port 4500 to port 500. > Thanks for your quick response Noel. I am testing a scenario where we don't > have 4500 port open on intermediate NAT device. I think my options are: > 1. Libreswan : which provides configurable parameter - nat-ikeport(default > 4500) > 2. Use IPsec client which has nat_traversal parameter > a. Older version of strongswan > b. Openswan. > > I am wondering if the new age Android and Iphone do the automatic port > floating in case of NAT-T. I need to test th
-- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
