[strongSwan] StrongSwan 5.8.2 - received netlink error: Invalid argument (22)
Tobias Brunner
tobias at strongswan.org
Tue Jul 7 14:36:01 CEST 2020
Hi Houman,
> I still get the same errors. Although the "faking NAT situation to
> enforce UDP encapsulation" is not showing anymore. Is this now something
> else?
Yes, as the log tells you, it looks like your server is behind a NAT:
> JulĀ 7 00:28:59 de-fsn-6 charon: 11[IKE] local host is behind NAT,
> sending keep alives
Is there actually an IPv6 NAT? Or should 2a01:4f8:192:xxxx::2 be the
same address the clients see too? If so, the NAT-D payload may have
been invalid (e.g. because the client faked a NAT situation - note,
though, that strongSwan only modifies the source IP hash to that effect).
> It is very strange that the same configuration works with StringSwan
> 5.7.2 but 5.8.2 throws these errors. Something must have changed that
> I'm missing, I think.
I don't think that any change caused this. Did you have IPv6
connectivity with 5.7.2 too?
Regards,
Tobias
More information about the Users
mailing list