<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"HP Simplified";
        panose-1:2 11 6 4 2 2 4 2 2 4;}
@font-face
        {font-family:"HP Simplified Light";
        panose-1:2 11 4 4 2 2 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
pre
        {mso-style-priority:99;
        mso-style-link:"HTML Preformatted Char";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Courier New";}
span.EmailStyle17
        {mso-style-type:personal-compose;
        font-family:"HP Simplified Light","sans-serif";
        color:windowtext;
        font-weight:normal;
        font-style:normal;
        text-decoration:none none;}
span.HTMLPreformattedChar
        {mso-style-name:"HTML Preformatted Char";
        mso-style-priority:99;
        mso-style-link:"HTML Preformatted";
        font-family:"Courier New";
        mso-fareast-language:EN-GB;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri","sans-serif";
        mso-fareast-language:EN-US;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-GB" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">All,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">Having mastered getting Android and Windows 8 Devices connected to strongswan 5.0.4, my attention has turned to iOS.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">Specifically iOS 6.1.3 – as this is the only OS I have on my iDevices.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">I am trying to implement Certificate + Xauth authentication, however I am not having much luck.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">My connection profile for iOS has been taken from the guide on the Wiki -
</span><a href="http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)">http://wiki.strongswan.org/projects/strongswan/wiki/IOS_(Apple)</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="mso-element:para-border-div;border:solid #E2E2E2 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt;background:#FAFAFA;margin-left:19.2pt;margin-right:12.0pt">
<pre style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">    <span style="font-size:8.5pt;color:#36000C"># /etc/ipsec.conf - strongSwan IPsec configuration file<o:p></o:p></span></pre>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">config setup<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        #plutostart=yes<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        #nat_traversal=yes<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB"><o:p> </o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">conn ios<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        keyexchange=ikev1<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        authby=xauthrsasig<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        xauth=server<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        left=10.1.0.1<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        leftsubnet=172.17.81.137/28<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        leftfirewall=no<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        leftcert=serverCert.pem<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        right=%any<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        rightid=”C=Test,O=Org,OU=IOS,CN=*”<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        #rightsubnet=10.0.0.0/24<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        rightsourceip=10.6.100.0/24<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        rightdns=172.17.81.142<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        #rightcert=clientCert.pem<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        #pfs=no<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm">
<span style="font-size:8.5pt;font-family:"Courier New";color:#36000C;mso-fareast-language:EN-GB">        auto=add<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">My ipsec secrets has an entry for:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<div style="mso-element:para-border-div;border:solid #E2E2E2 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt;background:#FAFAFA;margin-left:19.2pt;margin-right:12.0pt">
<pre style="mso-margin-top-alt:12.0pt;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;line-height:12.15pt;background:#FAFAFA;border:none;padding:0cm"><span style="font-size:8.5pt;color:#36000C">iosuser : XAUTH "password" <o:p></o:p></span></pre>
</div>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">When trying to connect I am getting a message saying no peer configuration found.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">Are there any known issues with connecting iOS devices? Or any update connection profiles that achieve what I am trying to specifically for Strongswan 5.0.4<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif"">Regards,<b><o:p></o:p></b></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"HP Simplified Light","sans-serif""><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:9.0pt;font-family:"HP Simplified","sans-serif";color:black;mso-fareast-language:EN-GB">Andy Paton</span></b><span lang="EN-US" style="font-size:9.0pt;font-family:"HP Simplified","sans-serif";color:#717172;mso-fareast-language:EN-GB"><br>
<br>
</span><a href="http://www.hp.com/"><span style="font-size:9.0pt;font-family:"HP Simplified","sans-serif";color:#717172;mso-fareast-language:EN-GB;text-decoration:none"><img border="0" width="30" height="30" id="Picture_x0020_1" src="cid:image001.png@01CE719F.9ABC3F10" alt="HP"></span></a><span lang="EN-US" style="color:#0F243E;mso-fareast-language:EN-GB"><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>