Discussion:
[strongSwan] Non-standard IKE ports
eyas barhouk
2018-11-05 07:32:07 UTC
Permalink
hello dears ,


i'm using strongswan as IKEv2 VPN Server and need it to deal with random ports ,i tried to use fixed ports and it succeed from both sides (client & server).
so is there a way to make both of client and server use random ports (i tried to set port_nat_t = 0 but the client doesn't understand it).

thanks in advance
regards
Tobias Brunner
2018-11-05 13:51:48 UTC
Permalink
Hi,

> so is there a way to make both of client and server use random ports

Using random ports on the server does not really work because the client
has to know the port.

> (i
> tried to set port_nat_t = 0 but the client doesn't understand it). 

What do you mean "doesn't understand it"?

See [1] regarding custom ports in general.

Regards,
Tobias

[1]
https://wiki.strongswan.org/projects/strongswan/wiki/NATTraversal#Custom-Server-Ports
eyas barhouk
2018-11-05 14:09:01 UTC
Permalink
Thanks for your kind feedback Tobias

I mean by saying the client doesn't understand the port_nat=0 that the client fails to connect to the vpn server .
And I think it's like what u say" a client issue ".

Many thanks
Regards

Get Outlook for Android<https://aka.ms/ghei36>

________________________________
From: Tobias Brunner <***@strongswan.org>
Sent: Monday, November 5, 2018 3:51:48 PM
To: eyas barhouk; ***@lists.strongswan.org
Subject: Re: [strongSwan] Non-standard IKE ports

Hi,

> so is there a way to make both of client and server use random ports

Using random ports on the server does not really work because the client
has to know the port.

> (i
> tried to set port_nat_t = 0 but the client doesn't understand it).

What do you mean "doesn't understand it"?

See [1] regarding custom ports in general.

Regards,
Tobias

[1]
https://wiki.strongswan.org/projects/strongswan/wiki/NATTraversal#Custom-Server-Ports
Continue reading on narkive:
Loading...