o) <
> fteh...@cisco.com>
> *Cc:* vpp-dev ; Benoit Ganne (bganne) <
> bga...@cisco.com>
> *Subject:* Re: [vpp-dev] ikev2 and nat-t
>
> Hi Filip,
>
> In my case an initiator is behind NAT while a responder has a public IP.
> What node should check for SPI=
pp-dev ; Benoit Ganne (bganne)
Subject: Re: [vpp-dev] ikev2 and nat-t
Hi Filip,
In my case an initiator is behind NAT while a responder has a public IP.
What node should check for SPI=0? I also have LCP enabled on some interfaces,
maybe it breaks the default punt behaviour.
On Fri, 13 May 2022 at
> Ganne (bganne) via lists.fd.io
> *Sent:* Friday, May 13, 2022 10:26 AM
> *To:* Stanislav Zaikin ; vpp-dev
> *Subject:* Re: [vpp-dev] ikev2 and nat-t
>
> Hmm good catch, I wonder why we did not catch it - maybe the unit tests
> use only non-standard port...
> Can you try t
ay 13, 2022 10:26 AM
To: Stanislav Zaikin ; vpp-dev
Subject: Re: [vpp-dev] ikev2 and nat-t
Hmm good catch, I wonder why we did not catch it - maybe the unit tests use
only non-standard port...
Can you try to patch it accordingly and if it solves the issue, push it on
gerrit for review?
If you
ideal of course.
Best
Ben
> -Original Message-
> From: vpp-dev@lists.fd.io On Behalf Of Stanislav
> Zaikin
> Sent: Thursday, May 12, 2022 18:11
> To: vpp-dev
> Subject: [vpp-dev] ikev2 and nat-t
>
> Hello folks,
>
> I have an issue with ikev2 and the host
Hello folks,
I have an issue with ikev2 and the host over the nat. IKE_AUTH packet goes
to ikev2-ip4 node instead of ikev2-ip4-natt and it causes
IKEV2_ERROR_BAD_LENGTH.
I'm not an expert in ike, but are there the right nodes specified below?
udp_register_dst_port (vm, IKEV2_PORT, ikev2_no
