strongSwan

15.03.2020

15:02 strongSwan Issue #3369: Possible to set size limit for UDP packet because of double encapsulation

Thanks. But I intend to use two-layer encapsulation, just for fun. Yep, I fixed the issue for TCP packets, quite easy...

12.03.2020

08:57 strongSwan Issue #3369: Possible to set size limit for UDP packet because of double encapsulation

Yep, lowering the MTU of the outgoing interface is a good method. But I have macOS and iOS native IKEv2 clients softw...

07:39 strongSwan Issue #3369 (Feedback): Possible to set size limit for UDP packet because of double encapsulation

Dear, everyone
The native IKEv2 IPsec kernel would use an MTU of 1400 bytes. So after first layer of encapsulation...

21.01.2020

12:12 strongSwan Issue #3314: VPN connection dropped after overnight

Can I use the iOS's DPD (once every a minute) to maintain NAT mapping?
Tom

11:10 strongSwan Issue #3317 (New): Two directions potential NAT conflict in site to site mode

As shown in the photo, site 2 site mode could be initialized from each side.
Goal: to use iptables to custom the p...

06:25 strongSwan Issue #3314: VPN connection dropped after overnight

Strange, even with the iOS's NAT keepalive turned on, I still get retransmit errors....

20.01.2020

13:37 strongSwan Issue #3314: VPN connection dropped after overnight

I made some testing today and after checking the log more deeply, I found the direct reasons for the disconnection wa...

19.01.2020

07:02 strongSwan Issue #3314: VPN connection dropped after overnight

Noel Kuntze wrote:
> Don't reuse IDs on different clients.
> And also follow the [[HelpRequests]] page, please. It'...

18.01.2020

08:48 strongSwan Issue #3314: VPN connection dropped after overnight

It looks like that,...

07:13 strongSwan Issue #3314: VPN connection dropped after overnight

It seem that the rekeying has some problem....