[strongSwan] IKEv2: Mobike=no not working

Noel Kuntze noel at familie-kuntze.de
Thu Feb 25 19:12:45 CET 2016


Hello Prashant,

> But the documentation in link below says, we can prevent port switching (in any scenario) and doesn't talk about the no NAT detected scenario. https://wiki.strongswan.org/projects/strongswan/wiki/MobIke
You're misunderstanding the documentation.
Enabling MOBIKE (or keeping it in the default setting, which is "yes") makes charon try to negotiate mobike support
with the other peer and if it is negotiated, float to UDP port 4500 in *any* case, regardless if there is NAT or not.

If you disable MOBIKE, one of the following things can happen:
*There is NAT: charon will enable NAT-T and float to UDP port 4500.
*There is NO NAT: charon will NOT enable NAT-T and NOT float to UDP port 4500.

-- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160225/94215f1b/attachment-0001.pgp>


More information about the Users mailing list