Issue #3223

Updated by Tobias Brunner 9 months ago

In my environment, NAT traversal is enabled even though no NAT situation exists. So I disabled MOBIKE by adding mobike=no to ipsec.conf, but the UDP port still automatically floats to 4500. I need your help!
My configuration and run logs are shown below:
root@ubuntu:/home/fastgate/misc/strongswan/etc/ipsec.conf.d# cat conn.tunnel.1
# Defaults inherited by every conn section that follows.
# NOTE(review): the paste has lost its leading whitespace; ipsec.conf expects
# the parameters of a section to be indented under the "conn" line.
conn %default
# -- Negotiate --
keyexchange = ikev2
# A single negotiation attempt, then give up.
keyingtries = 1
# Turns off the MOBIKE extension only. NAT detection is part of the IKEv2
# exchange itself and is not controlled by this option, so mobike=no does not
# by itself rule out a move to UDP 4500.
# NOTE(review): this section looks like the responder side (right=%any,
# auto=add); the port used is chosen by the initiator, so check the peer's
# configuration too.
mobike = no
closeaction = clear
# -- IKE SA Lifetime --
# No reauthentication of the peer during the lifetime of the IKE SA.
reauth = no
# -- IPSEC SA Lifetime --
# This side never requests rekeying; it still answers a rekey started by the
# peer. If neither side rekeys, the same keys protect traffic for the whole
# lifetime of the SA.
rekey = no
# -- DPD --
# On a dead-peer timeout the connection is closed with no further action.
dpdaction = clear
# Logged by the daemon as dpddelay=10.
dpddelay = 10s
# -- Other --
# Peers are accepted from any address, so the PSK and the peer identity are
# the only things that restrict who can connect.
right = %any
# Load the connection at startup and wait for the peer; do not initiate.
auto = add
conn tunnel-1
# left, leftsubnet and rightsourceip are blank in this paste, presumably
# redacted: the log reports a virtual IP address pool being added.
left =
leftsubnet =
# Pre-shared key on both sides. The key lives in ipsec.secrets, not in this
# file; it should be long and random, since a weak PSK can be guessed offline.
leftauth = psk
leftid = "*dengjie@psk"
rightsourceip =
rightauth = psk

run logs:
15[CFG] received stroke: add connection 'tunnel-1'
15[CFG] conn tunnel-1
15[CFG] left=
15[CFG] leftsubnet=
15[CFG] leftauth=psk
15[CFG] leftid=*dengjie@psk
15[CFG] right=%any
15[CFG] rightsourceip=
15[CFG] rightauth=psk
15[CFG] ike=aes128-sha256-curve25519
15[CFG] esp=aes128-sha256
15[CFG] dpddelay=10
15[CFG] dpdtimeout=150
15[CFG] dpdaction=1
15[CFG] closeaction=1
15[CFG] mediation=no
15[CFG] keyexchange=ikev2
15[CFG] adding virtual IP address pool
15[CFG] added configuration 'tunnel-1'