[strongSwan] How to disable NAT traversal with strongSwan VPN client app (on android device)?
Tobias Brunner
tobias at strongswan.org
Tue Jun 13 09:44:42 CEST 2017
Hi Chinmaya,
> I am using the strongSwan VPN client app (as an IKEv2 initiator) in my
> android device. How can I disable NAT feature? Because by default, it
> sends IKE_AUTH request and data traffic in UDP encapsulated packet which
> I do not want.
You can't. The app uses the VpnService API and has limited privileges
so it can't send ESP packets directly (as that would require a RAW
socket, which is only possible in root/CAP_NET_RAW processes). That's
why UDP encapsulation is enforced and can't be disabled.
Regards,
Tobias
More information about the Users
mailing list