[Swan] android nat vs no-nat

Paul Wouters paul at nohats.ca
Fri Oct 10 19:31:00 EEST 2014


On Fri, 10 Oct 2014, Bob Miller wrote:

> One thing I find that seems interesting; when the Android connects
> through my LAN, it uses ports 500 and 1245, whereas when it connects
> through LTE, it uses random high number ports, like 59371 instead of
> 500, which the server responds to, and 48848 instead of 4500, which the
> server does not respond to.  Not sure if this indicates a problem yet,
> but not sure why it is different, it seems like it shouldn't be...

Your libreswan server must allow any port to udp port 500 and any port
to udp port 4500. The NAT is causing the android's udp (4)500 packets
to appear from random high ports.

Paul
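
Added example, not part of the original message or of libreswan: a check over iptables-save style output for UDP 500/4500 ACCEPT rules that also pin the source port, which is the condition that drops clients whose ports a NAT has rewritten. The sample ruleset and all function names are constructed for illustration; rule order, chain policy and address matches are not modelled.

```python
import shlex

# Constructed sample in iptables-save format; not taken from the thread.
SAMPLE_RULES = """\
-A INPUT -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p udp -m udp --sport 4500 --dport 4500 -j ACCEPT
-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p udp -m multiport --dports 500,4500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""

def parse_rule(line):
    """Map each option of one '-A' rule to its value ('' for bare flags)."""
    tokens = shlex.split(line)
    opts, i = {}, 0
    while i < len(tokens):
        has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("-")
        opts[tokens[i]] = tokens[i + 1] if has_value else ""
        i += 2 if has_value else 1
    return opts

def covers(spec, port):
    """True if a spec such as '500', '500,4500' or '1024:65535' includes port."""
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        low = int(lo) if lo else 0
        high = int(hi) if hi else (65535 if sep else low)
        if low <= port <= high:
            return True
    return False

def ike_rules(rules_text, port):
    """Yield (line_no, opts) for UDP ACCEPT rules whose destination includes port."""
    for n, line in enumerate(rules_text.splitlines(), 1):
        if line.startswith("-A "):
            o = parse_rule(line)
            dst = o.get("--dport") or o.get("--dports")
            if o.get("-p") == "udp" and o.get("-j") == "ACCEPT" and dst and covers(dst, port):
                yield n, o

def source_pinned(rules_text):
    """Line numbers of IKE (500) / NAT-T (4500) rules that restrict the source port."""
    return sorted({n for p in (500, 4500) for n, o in ike_rules(rules_text, p)
                   if "--sport" in o or "--sports" in o})

def open_to_any_source_port(rules_text, port):
    """True if some ACCEPT rule admits UDP to port with no source-port match."""
    return any("--sport" not in o and "--sports" not in o
               for _, o in ike_rules(rules_text, port))
```

A ruleset containing only the first two sample lines would answer a client on the LAN but not one whose source ports were rewritten to values such as 59371 and 48848.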

