[strongSwan] Can't connect to port 4500 with Brighthouse cable hotspot
Volker Rümelin
vr_strongswan at t-online.de
Fri Dec 26 14:40:05 CET 2014
Hi Jay,
I am resending this mail, because I forgot to include the mailing list.
> Nov 29 08:24:14 14[ENC] generating IKE_AUTH request 1 [ IDi CERT N
> (INIT_CONTACT) CERTREQ AUTH CPRQ(ADDR ADDR6 DNS DNS6) N(ESP_TFC_PAD_N) SA
> TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
> Nov 29 08:24:14 14[NET] sending packet: from 10.235.225.57[56813] to
> my.server[4500] (1772 bytes)
> Nov 29 08:24:16 16[IKE] retransmit 1 of request with message ID 1
> Nov 29 08:24:16 16[NET] sending packet: from 10.235.225.57[56813] to
> my.server[4500] (1772 bytes)
>
I wouldn't be surprised if this is a fragmentation problem and your hotspot provider drops ip fragments. In this case adding
fragmentation=yes
to the conn %default section in ipsec.conf on your openwrt server may solve your problem.
Best regards,
Volker
More information about the Users
mailing list