[strongSwan] NAT-T port configuration
Martin Willi
martin at strongswan.org
Thu Mar 19 10:12:30 CET 2015
Hi,
> 1. Is it possible to use port other than 4500 for NAT-T UDP
> encapsulation. If yes how can I configure it ?
Yes, with the "port_nat_t" option in strongswan.conf, refer to [1] for
details.
To initiate a connection to a host with non-default ports, use the
ipsec.conf rightikeport option. Instead of initiating to port 500 and
switch to port 4500, you have to directly initiate to the NAT-T port by
specifying it with rightikeport.
> 2. Is it possible to change the keep alive timer interval using
> strongswan or other methods ?
Yes, using the "keep_alive" option, also described at [1].
Regards
Martin
[1]https://wiki.strongswan.org/projects/strongswan/wiki/strongswanConf
More information about the Users
mailing list