Klaus,<div><br></div><div>I haven't experienced that problem myself - I'm using strongSwan 4.6.1 compiled with the following:</div><div><br></div><div>./configure --enable-mysql --enable-sql --enable-attr-sql --enable-cisco-quirks --enable-medsrv --enable-mediation --enable-medcli --enable-manager --enable-smp --with-group=vpn --enable-nat-transport</div>
<div><br></div><div>some of that is absolutely nonessential to my working setup atm, realistically the most important things were --enable-cisco-quirks and --enable-nat-transport. The rest is just me playing around. :-) My ipsec.conf is posted earlier in this thread, if that ends up being any help - I've configured my VPN connections w/ the iPhone Configuration Utility from Apple - <a href="http://support.apple.com/kb/dl851">http://support.apple.com/kb/dl851</a>, whose .mobileconfig files I've manually installed on the phone over HTTP.</div>
<div><br></div><div>Chris Zelenak</div><div><br></div><div><br><div class="gmail_quote">On Mon, Nov 28, 2011 at 5:46 PM, Klaus Darilion <span dir="ltr"><<a href="mailto:klaus.mailinglists@pernau.at">klaus.mailinglists@pernau.at</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hi Chris!<br>
<br>
Sorry for hijacking your thread - I recently setup strongSwan (4.4.1-5.2) and connecting with my iPhone works fine, but only on the first login. Further logins will fail and I have to restart strongSwan.<br>
<br>
I wonder if I am the only person with this problem or if you experience similar problems too.<br>
<br>
If you do not have this problem, which strongSwan version are you using?<br>
<br>
Thanks<span class="HOEnZb"><font color="#888888"><br>
Klaus</font></span><div><div class="h5"><br>
<br>
<br>
On 28.11.2011 05:31, Chris Zelenak wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">
Hi,<br>
<br>
I've been trying to send down the UNITY_SAVE_PASSWD attrib (28673) to an<br>
iPhone client to allow local client storage of the Xauth password. (<br>
iPhone client connecting w/ IPSEC XAuth + Cert, server compiled w/ cisco<br>
quirks ) I initially tried by loading the attr plugin and having the<br>
following block in my strongswan.conf:<br>
<br>
pluto {<br>
plugins {<br>
attr {<br>
28672 = "pluto"<br>
28673 = 1<br>
}<br>
}<br>
}<br>
<br>
Both the 28672 ( UNITY_BANNER ) and 28673 ( UNITY_SAVE_PASSWD ) don't<br>
get picked up in the isakmp mode config sent back to the client - the<br>
server never sends them. ( I tried UNITY_BANNER just to debug if the<br>
attr plugin would pick it up at all ) Just to see if I could force it, I<br>
ended up inserting the following into src/pluto/modecfg.c :<br>
<br>
if (want_unity_banner)<br>
{<br>
ca = modecfg_attribute_create(<u></u>UNITY_BANNER,<br>
<br>
chunk_create(DEFAULT_UNITY_<u></u>BANNER,<br>
<br>
strlen(DEFAULT_UNITY_BANNER)))<u></u>;<br>
ca_list->insert_last(ca_list, ca);<br>
}<br>
+ ca = modecfg_attribute_create_tv(<u></u>UNITY_SAVE_PASSWD, 1);<br>
+ ca_list->insert_last(ca_list, ca);<br>
<br>
Now the data /does/ get sent down, but the iPhone client doesn't seem to<br>
be acting on the UNITY_SAVE_PASSWD value - subsequent reconnection<br>
attempts still prompt me for a password. From what I've been able to<br>
tell looking around, 1 is the correct value to send down, but I dunno...<br>
<br>
If anyone could help me out in figuring out why:<br>
<br>
A) the attr plugin doesn't seem to be working<br>
and<br>
B) if I'm sending down the value incorrectly in my hack inside modecfg.c<br>
<br>
it would be much appreciated.<br>
<br>
Thanks,<br>
<br>
Chris Zelenak<br>
<br>
<br>
<br></div></div><div class="im">
______________________________<u></u>_________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.strongswan.org" target="_blank">Users@lists.strongswan.org</a><br>
<a href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/<u></u>mailman/listinfo/users</a><br>
</div></blockquote>
<br>
</blockquote></div><br></div>