diff options
-rw-r--r-- | roles/common/files/etc/strongswan.d/charon/socket-default.conf | 2 | ||||
-rw-r--r-- | roles/common/templates/etc/iptables/services.j2 | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/common/files/etc/strongswan.d/charon/socket-default.conf b/roles/common/files/etc/strongswan.d/charon/socket-default.conf index 1bc20f1..6d4b73d 100644 --- a/roles/common/files/etc/strongswan.d/charon/socket-default.conf +++ b/roles/common/files/etc/strongswan.d/charon/socket-default.conf @@ -14,7 +14,7 @@ socket-default { # use_ipv4 = yes # Listen on IPv6, if possible. - use_ipv6 = no + # use_ipv6 = yes } diff --git a/roles/common/templates/etc/iptables/services.j2 b/roles/common/templates/etc/iptables/services.j2 index 120f1c3..563a310 100644 --- a/roles/common/templates/etc/iptables/services.j2 +++ b/roles/common/templates/etc/iptables/services.j2 @@ -5,7 +5,7 @@ # (in|out|inout)[46]? (tcp|udp|..) (port|port:port|port,port) (port|port:port|port,port) {% if groups.all | length > 1 %} -inout4 udp 500 500 # ISAKMP +inout udp 500 500 # ISAKMP {% if groups.NATed | length > 0 %} inout4 udp 4500 4500 # IPsec NAT Traversal {% endif %} |