[Swan] (no subject)
Paul Wouters
paul at nohats.ca
Mon Sep 10 20:33:33 UTC 2018
On Mon, 10 Sep 2018, Matthew Johnson wrote:
> I'm running:
> Linux Libreswan 3.15 (netkey) on 2.6.32-754.2.1.el6.x86_64
>
> Updating is not an option...
Neither are bugs :P
> My clients are behind a NAT, which is changing the source port from 500 to something random and high. The server receives the packet, but the
> reply does not honor the source port, and instead replaces the random high port number with 500.
>
> The client's NAT, doesn't know what to do with a reply to port 500, so drops the packets.
>
> How can I configure the server to honor the source port?
This is not a configuration item but a bug we fixed. I looked through
our CHANGES file and tried some git log grep'ing to narrow down where
we fixed it, but I couldn't find it.
So yeah, it's a bug and was fixed in the past.
Paul
More information about the Swan
mailing list