[strongSwan] Question regarding UDP traffic without port number in IKE negotiation

Robin Pimentel robin at gaikai.com
Fri Jun 24 20:49:49 CEST 2011


I went over RFC 5996, but I could not find any operation which specified the
use of UDP without a port number (value is set to 0 for src and dst ports).
I had an instance behind a firewall that was failing to negotiate because
this traffic was blocked. After I unblocked it, the negotiation was
successful.

For example:
10:50:06.136161 IP (tos 0x0, ttl 64, id 34545, offset 2960, flags [none], proto UDP (17), length 156) 10.10.10.10 > 10.10.11.10: udp
10:50:06.191787 IP (tos 0x0, ttl 53, id 55687, offset 1480, flags [none], proto UDP (17), length 1460) 10.10.10.10 > 10.10.11.10: udp

Does anyone have any background on what message this is and why it is sent
this way?

Thanks,
Robin.
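
A way to read the capture above, as an added example that is not part of the original post: tcpdump prints the IP fragment offset in bytes, and a packet with a non-zero offset is a non-initial IP fragment, which carries no UDP header and so shows no ports. The sketch classifies `tcpdump -v` lines on that basis; the third sample line is constructed, and the 20-byte IP header length (no IP options) is an assumption.

```python
import re

# tcpdump -v IPv4 summary: "... id N, offset N, flags [..], proto X (n), length N)"
HEADER = re.compile(
    r"id (?P<id>\d+), offset (?P<offset>\d+), flags \[(?P<flags>[^\]]*)\], "
    r"proto (?P<proto>\S+) \(\d+\), length (?P<length>\d+)\)"
)

SAMPLE = [
    # The two lines from the post, each rejoined onto one line.
    "10:50:06.136161 IP (tos 0x0, ttl 64, id 34545, offset 2960, flags [none], "
    "proto UDP (17), length 156) 10.10.10.10 > 10.10.11.10: udp",
    "10:50:06.191787 IP (tos 0x0, ttl 53, id 55687, offset 1480, flags [none], "
    "proto UDP (17), length 1460) 10.10.10.10 > 10.10.11.10: udp",
    # Constructed line (not from the post): a first fragment, which still has ports.
    "10:50:06.100000 IP (tos 0x0, ttl 64, id 34545, offset 0, flags [+], "
    "proto UDP (17), length 1500) 10.10.10.10.500 > 10.10.11.10.500: isakmp",
]


def classify(line, ihl=20):
    """Classify one tcpdump -v line by its IP fragmentation fields.

    ihl is the assumed IP header length in bytes (20 = no IP options).
    Returns None when the line has no recognizable IPv4 summary.
    """
    m = HEADER.search(line)
    if m is None:
        return None
    offset, length = int(m["offset"]), int(m["length"])
    # tcpdump prints the More Fragments bit as "+" inside the flags list.
    more = "+" in [f.strip() for f in m["flags"].split(",")]
    if offset > 0:
        kind = "non-initial fragment"
    elif more:
        kind = "first fragment"
    else:
        kind = "unfragmented"
    return {
        "id": int(m["id"]),
        "kind": kind,
        # Only the fragment at offset 0 holds the UDP header with the ports.
        "has_l4_header": offset == 0,
        # Byte range of the original IP payload carried by this packet.
        "payload_range": (offset, offset + length - ihl),
    }


if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line))
```
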