[strongSwan] Changing IKE port
Andreas Steffen
andreas.steffen at strongswan.org
Wed Jul 13 18:01:14 CEST 2016
Hi Eric,
you have to compile and load the socket-dynamic plugin in order
for non-standard IKE ports to work.
Best regards
Andreas
On 13.07.2016 17:22, Eric Boudrand wrote:
> Hi,
>
> I am trying to establish IKEv1 tunnel with non standard IKE port. I have
> set charon.port=6701 in /etc/strongswan.d/charon.conf.
>
> In the logs, i can see the incoming packet :
> Jul 13 16:43:41 ikev2 charon: 03[NET] received packet => 184 bytes @
> 0xafb379f0
> [ I removed the intermediate logs ]
> Jul 13 16:43:41 ikev2 charon: 03[NET] received packet: from
> 192.168.0.200[6701] to 192.168.0.22[6701]
> Jul 13 16:43:41 ikev2 charon: 03[NET] waiting for data on sockets
> But, there is no more action.
>
> If I remove "charon.port" parameter and set 500 as IKE port in the
> remote VPN client configuration, the tunnel is established. Is there
> another parameter to add ? I did not use leftikeport.
>
> Regards.
--
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4275 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160713/d431d85e/attachment.bin>
More information about the Users
mailing list