[strongSwan] issue connecting to fortigate

Tobias Brunner tobias at strongswan.org
Fri Jun 26 10:01:02 CEST 2020


Hi Doug,

> The logs on the strongSwan show
> something I'm not used to seeing. It appears somehow that quickmode
> phase2 is responding on port 500 instead of 4500.

That's normal if there is no NAT between the hosts or the peer has NAT
detection/traversal disabled (strongSwan always has it enabled).  The
switch to 4500 only happens if the initiator detects a NAT.  If there
actually is a NAT between the hosts, make sure to enable NAT-T on the peer.

Regards,
Tobias
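
The port decision described in the reply above, as an added example that is not part of the original message and is not strongSwan's code: a minimal Python model of IKEv1 NAT detection (the RFC 3947 NAT-D hash comparison) from the initiator's side. The function names, cookies and addresses are constructed for illustration, and SHA-1 is assumed as the negotiated hash.

```python
import hashlib
import ipaddress
import struct

IKE_PORT, NATT_PORT = 500, 4500

def natd_hash(cky_i, cky_r, ip, port, algo="sha1"):
    """NAT-D payload body per RFC 3947: HASH(CKY-I | CKY-R | IP | Port)."""
    addr = ipaddress.ip_address(ip).packed
    return hashlib.new(algo, cky_i + cky_r + addr + struct.pack("!H", port)).digest()

def build_natd(cky_i, cky_r, src, dst):
    """Payloads a sender emits: first the remote end, then its own local end."""
    return [natd_hash(cky_i, cky_r, *dst), natd_hash(cky_i, cky_r, *src)]

def nat_detected(cky_i, cky_r, received, seen_src, seen_dst):
    """Compare received NAT-D hashes with the addresses this host actually uses.

    received[0] is the sender's view of us, received[1:] its own address(es).
    Any mismatch means an address or port was rewritten in transit.
    """
    dst_ok = received[0] == natd_hash(cky_i, cky_r, *seen_dst)
    src_ok = natd_hash(cky_i, cky_r, *seen_src) in received[1:]
    return not (dst_ok and src_ok)

def initiator_port(local, as_seen_by_peer, peer, peer_natt=True):
    """Port the initiator uses after NAT detection (hypothetical helper).

    local:           (ip, port) the initiator sends from
    as_seen_by_peer: (ip, port) the responder sees as the packet source
    peer:            (ip, port) of the responder
    peer_natt:       False models a peer with NAT detection/traversal disabled
    """
    cky_i, cky_r = bytes(range(8)), bytes(range(8, 16))  # constructed cookies
    if not peer_natt:
        # No NAT-D payloads arrive, so nothing can be compared: stay on 500.
        return IKE_PORT
    received = build_natd(cky_i, cky_r, src=peer, dst=as_seen_by_peer)
    nat = nat_detected(cky_i, cky_r, received, seen_src=peer, seen_dst=local)
    return NATT_PORT if nat else IKE_PORT

if __name__ == "__main__":
    peer = ("203.0.113.1", 500)      # constructed documentation addresses
    public = ("198.51.100.10", 500)
    print("no NAT:", initiator_port(public, public, peer))
    print("NAT:", initiator_port(("10.0.0.5", 500), ("198.51.100.10", 1024), peer))
    print("NAT, peer NAT-T off:",
          initiator_port(("10.0.0.5", 500), ("198.51.100.10", 1024), peer, False))
```

The third case is the one to check for when a NAT really is in the path: with NAT-T disabled on the peer, the exchange stays on port 500 even though addresses are being translated.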

