[Swan] one way ping

Paul Wouters paul at nohats.ca
Fri Aug 31 16:03:41 UTC 2018


Yes the data goes over proto 50, but if NAT is detected the proto 50 is encapsulated into a udp port 4500 packet

Sent from my phone

> On Aug 31, 2018, at 11:16, John Crisp <jcrisp at safeandsoundit.co.uk> wrote:
> 
>> On 31/08/18 01:18, Paul Wouters wrote:
>> If there is no NAT you need to open protocol 50 ESP (not port, protocol)
>> 
> 
> Thanks Paul
> 
> OK...... I know I have that open on the server firewall but can't
> remember seeing an option on the cloud providers one.
> 
> Is that because the negotiation is over 500/4500 but the data itself
> flows on protocol 50 ?
> 
> Just curious :-)
> 
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan



More information about the Swan mailing list