Hello,
I have two tunnels between two peers and my device.
One of the peers is under NAT.
The tunnels are in IKE2 mode.
Both are working fine, but strange IPsec logs are being generated on my router from the NAT'ed peer:
KA: MY_PUBLIC[4500]-> NAT'ed_PUBLIC [4500]
1 times of 1 bytes message will be sent to NAT'ed_PUBLIC[4500]
input: in:ether2 out:(unknown 0), src-mac 90:e2:ba:f7:13:40, proto UDP, NAT'ed_PUBLIC:4500->MY_PUBLIC:4500, len 144
And it kept repeating.
After I allowed INPUT traffic from NAT'ed_PUBLIC, the output changed to:
KA: MY_PUBLIC[4500]->NAT'ed_PUBLIC[4500]
1 times of 1 bytes message will be sent to NAT'ed_PUBLIC[4500]
=> outgoing plain packet (size 0x1c)
===== sending 140 bytes from MY_PUBLIC[4500] to NAT'ed_PUBLIC[4500]
===== received 156 bytes from NAT'ed_PUBLIC[4500] to MY_PUBLIC[4500]
=> iv (size 0x10)
decrypted packet
reply ignored
And it keeps cycling.
I cannot find anything useful on Google.