Open fardindadashi opened 10 months ago
You need to turn on "force udp encapsulation" option in your *Swan. I think you should not use udp2raw upon udp/500. udp/500 is for phase-1 where the parameters of child SAs are exchanged, put it behind a proxy might results in error. Secured traffic happens in phase-2, and uses ESP packets, I believe they can be tunneled by udp2raw after encapsulated in udp.
Hi. I have an IKEv2 server and I ran these commands but doesn't work (there is no error, just vpn connection fails):
server side:
client side
what am I missing?