only switch to port 4500 if we are on 500: fixed reauthentication in NAT
authorMartin Willi <martin@strongswan.org>
Wed, 12 Sep 2007 11:11:10 +0000 (11:11 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 12 Sep 2007 11:11:10 +0000 (11:11 -0000)
scenarios

src/charon/sa/tasks/ike_natd.c

index 3c530d2..eea7691 100644 (file)
@@ -232,10 +232,17 @@ static status_t process_i(private_ike_natd_t *this, message_t *message)
                {
                        host_t *me, *other;
                
+                       /* do not switch if we have a custom port from mobike/NAT */
                        me = this->ike_sa->get_my_host(this->ike_sa);
-                       me->set_port(me, IKEV2_NATT_PORT);
+                       if (me->get_port(me) == IKEV2_UDP_PORT)
+                       {
+                               me->set_port(me, IKEV2_NATT_PORT);
+                       }
                        other = this->ike_sa->get_other_host(this->ike_sa);
-                       other->set_port(other, IKEV2_NATT_PORT);
+                       if (other->get_port(other) == IKEV2_UDP_PORT)
+                       {
+                               other->set_port(other, IKEV2_NATT_PORT);
+                       }
                }
        }