[Swan] LibreSwan not accepting port 9001 but accepts 5000?

Madden, Joe Joe.Madden at mottmac.com
Wed Jul 12 15:57:37 UTC 2017


Hi List,


I have an issue with a Libreswan instance where it appears to be port selective over what traffic goes across the VPN.


    authby=             secret
    auto=               start
    type=               tunnel
    nat_traversal=      yes
    forceencaps=        no
    rekeymargin=        3m
    keyingtries=        %forever
    keylife=            1h
    ikelifetime=        24h
    ikev2=              insist

    left=               1.1.1.1
    leftsubnet=         192.168.70.1/32
    leftid=             1.1.1.1

    right=              2.2.2.2
    rightid=            2.2.2.2
    rightsubnet=        10.190.22.0/24
    #Phase 1
    ike=                aes256-sha2_256;modp2048
    #Phase 2
    phase2=             esp
    phase2alg=          aes256-sha2_256;modp2048
    #Other Encryption Settings
    pfs=                yes
    sha2_truncbug=      no
    #Dead Peer Detection
    dpdaction=  restart


Ports 5000, 5001, 5002 will go across the VPN fine (Source from Right Side)

But port 9001 (Source from Left Side) is not captured into the VPN and as a result attempts to go out to the internet and fails.


Communication on port 5001/5002/5000 is successful.

Does anyone have any ideas of what could be causing this issue?

Thanks

Joe.
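As an added troubleshooting check (not code from the original post or from Libreswan), this script parses the selector keys of the posted conn and tests whether a given flow falls inside the policy. The sample flows and the leftprotoport/rightprotoport handling are assumptions; with no protoport lines in the posted conn, only the source and destination addresses decide whether a packet is captured, not its port.

```python
import ipaddress

# Constructed copy of the selector keys from the posted conn; the original
# has no leftprotoport/rightprotoport, so no port restriction applies.
CONN_TEXT = """
    leftsubnet=         192.168.70.1/32
    rightsubnet=        10.190.22.0/24
"""
PROTO_NUM = {"tcp": 6, "udp": 17, "icmp": 1}


def parse_conn(text):
    """Turn 'key= value' lines of an ipsec.conf conn block into a dict."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf


def parse_protoport(value):
    """Return (proto_number, port) from a protoport value like 'tcp/9001';
    None in either slot means 'any' (unset, %any or 0)."""
    if not value:
        return (None, None)
    proto, _, port = value.partition("/")
    proto = proto.lower()
    if proto in PROTO_NUM:
        proto_num = PROTO_NUM[proto]
    elif proto.isdigit() and int(proto) != 0:
        proto_num = int(proto)
    else:
        proto_num = None
    port_num = int(port) if port.isdigit() and int(port) != 0 else None
    return (proto_num, port_num)


def flow_matches(conf, src, dst, proto, sport, dport):
    """True if a left-to-right flow would be selected by this conn's policy.
    The selectors are leftsubnet/rightsubnet plus the optional protoports;
    nothing else in the conn looks at ports (assumed semantics)."""
    if ipaddress.ip_address(src) not in ipaddress.ip_network(conf["leftsubnet"], strict=False):
        return False
    if ipaddress.ip_address(dst) not in ipaddress.ip_network(conf["rightsubnet"], strict=False):
        return False
    proto_num = PROTO_NUM[proto]
    checks = (parse_protoport(conf.get("leftprotoport")) + (sport,),
              parse_protoport(conf.get("rightprotoport")) + (dport,))
    for want_proto, want_port, have_port in checks:
        if want_proto is not None and want_proto != proto_num:
            return False
        if want_port is not None and want_port != have_port:
            return False
    return True


CONF = parse_conn(CONN_TEXT)
```

On the host, `ip xfrm policy` shows the selectors the kernel actually installed, which is what to compare the failing flow's source address against.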


