[strongSwan] NAT-T port configuration
prasobh.s25 at wipro.com
prasobh.s25 at wipro.com
Thu Mar 19 10:18:36 CET 2015
Thank you Martin,
Best regards,
Prasobh
-----Original Message-----
From: Martin Willi [mailto:martin at strongswan.org]
Sent: 19 March 2015 14:43
To: Prasobh S (WT01 - Global Media & Telecom)
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] NAT-T port configuration
Hi,
> 1. Is it possible to use port other than 4500 for NAT-T UDP
> encapsulation. If yes how can I configure it ?
Yes, with the "port_nat_t" option in strongswan.conf, refer to [1] for details.
To initiate a connection to a host with non-default ports, use the ipsec.conf rightikeport option. Instead of initiating to port 500 and switch to port 4500, you have to directly initiate to the NAT-T port by specifying it with rightikeport.
> 2. Is it possible to change the keep alive timer interval using
> strongswan or other methods ?
Yes, using the "keep_alive" option, also described at [1].
Regards
Martin
[1]https://wiki.strongswan.org/projects/strongswan/wiki/strongswanConf
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com
More information about the Users
mailing list