[strongSwan-dev] Setting src port for ipsec

Andreas Steffen andreas.steffen at strongswan.org
Tue Dec 14 05:58:23 CET 2010

Hello John,

iptables rules for UDP ports 500 and 4500 as well as ESP protocol 50
are not set by strongSwan but must be configured externally.

strongSwan's _updown script just inserts and deletes INPUT, OUTPUT
and FORWARD IPsec policy rules to allow plaintext traffic that is
being tunneled.

On 12/14/2010 01:12 AM, John Parker wrote:
> Hi folks
> can you point me to where in StrongSwan the iptables rules are set, in
> particular the rule which limits the src port to 500.
> I've pored over the source with grep etc. and got nowhere.
> Many thanks
> John

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
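
The externally configured rules described in the reply above (UDP 500, UDP 4500 and ESP), as an added example that is not part of the original message and not strongSwan code. The function name `ipsec_base_rules` and the interface `eth0` are assumptions; the plaintext policy rules stay with the `_updown` script and are not generated here.

```shell
#!/bin/sh
# Added example: print the iptables rules that strongSwan does not set itself.
# ipsec_base_rules is a hypothetical helper; eth0 is an assumed interface name.

ipsec_base_rules() {
    iface=$1
    # Accept only a plain interface name, because the printed commands
    # are meant to be reviewed and then executed by a root shell.
    case $iface in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid interface: $iface" >&2; return 1 ;;
    esac

    # IKE (UDP 500) and NAT traversal (UDP 4500).
    # The source port of inbound packets is left unrestricted: a NAT
    # device in front of the peer may rewrite it to something else.
    for port in 500 4500; do
        echo "iptables -A INPUT -i $iface -p udp --dport $port -j ACCEPT"
        echo "iptables -A OUTPUT -o $iface -p udp --sport $port -j ACCEPT"
    done

    # ESP, IP protocol 50.
    echo "iptables -A INPUT -i $iface -p 50 -j ACCEPT"
    echo "iptables -A OUTPUT -o $iface -p 50 -j ACCEPT"
}

# Print the rules for the interface given as first argument (default eth0).
ipsec_base_rules "${1:-eth0}"
```

Review the printed commands before piping them to a root shell.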
