Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC on pfsense 2.2, MOBIKE=NO option?

    IPsec
    2
    2
    2.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bfeitell
      last edited by

      I am wondering if it might be possible to add a toggle for the MOBIKE protocol in pfSense 2.2?

      Under the current implementation, when IKE-V2 is used, MOBIKE causes traffic to cross UDP port 4500 whether or not NAT traversal is necessary.

      The configuration parameter "mobike=no" keeps IPSEC traffic on UDP port 500.  It might be handy to add the toggle on the Phase 1 page in the NAT-T dropdown, and add a brief explanation of the function of the toggle.

      See: https://wiki.strongswan.org/projects/strongswan/wiki/FAQ#Disabling-NAT-traversal

      Cheers,
      bfeitell

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        There's still an open ticket to address that, it got pushed to 2.2.1.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.