Hi Harald,

> is there some way to tell charon-nm to use 4500/udp for the outgoing
> connection, instead of an arbitrary port, if available? Same for
> 500/udp.

You can explicitly configure the ports via strongswan.conf (charon-nm.port and charon-nm.port_nat_t). Just make sure you don't use charon or charon-systemd on the same host to avoid conflicts.

> I assume a problem on the AVM Fritzbox in this context. 500/udp and
> 4500/udp at both ends appears to be more reliable.

That doesn't really make sense as there could always be a NAT in between that changes the source ports.

Also, has AVM finally released a version of their system that supports IKEv2? Took them long enough. But considering their track record regarding IKEv1, I guess we have to expect interoperability issues for the next 20 years.

> However, I am not
> sure at all where the temporary port comes from.

What are you referring to?

Regards,
Tobias
