[strongSwan] IKE2 4500 Reply Not Making it Out
Tobias Brunner
tobias at strongswan.org
Fri Mar 23 08:18:20 CET 2018
Hi,
> No port 4500 packet hitting its own interface. Only a keep-alive.
That's the only packet that's sent from port 4500 (as also stated in the
log, where it clearly states that kepp-alive is being sent, nothing
else). Since no request to port 4500 ever makes it to the daemon (the
log tells you that too) it naturally won't send any response and so you
also don't see any other packets in tcpdump.
Seems like your DNAT to port 4500 is not working.
Regards,
Tobias
More information about the Users
mailing list