Ubuntu 16.04 Strongswan Host->Host VPN Connection established but no traffic when using alternate port

By Atti

I’ve successfully set up a working Strongswan VPN across 2 Ubuntu boxes. Over the default ports everything is fine; I can ping each host across the connection.
However, after changing the ports from 500 & 4500 to 510 & 4510 with identical configuration, the connection is established successfully, but I am unable to ping either host and no data can be sent across them.

My configs are as follows:

/etc/ipsec.conf

config setup
  charondebug="ike 1,dmn 1,enc 1"
  nat_traversal=yes

conn %default
  keyingtries=1
  keyexchange=ikev1
  authby=secret
  leftfirewall=yes
  auto=add

conn mainoffice
  leftsubnet=172.18.16.0/24
  right=%any
  rightsubnet=192.168.0.0/24
  rekeymargin=3m
  ikelifetime=60m
  keylife=20m
  ike=aes128-md5-modp768
  esp=aes256-md5
  #leftikeport=510
  #rightikeport=510
  #rightport=4510
  #leftport=4510

/etc/strongswan.conf

charon {
        load_modular = yes
        #port = 510
        #port_nat_t = 4510
        plugins {
                include strongswan.d/charon/*.conf
        }
}

include strongswan.d/*.conf

With the above values everything works fine. When uncommenting the commented parts it connects but doesn’t send data.

Source: http://askubuntu.com/questions/870569/ubuntu-16-04-strongswan-host-host-vpn-connection-established-but-no-traffic-whe

