[strongSwan] VPN from iPad to ubuntu-10.4

Michael Holstein michael.holstein at csuohio.edu
Fri Jun 24 20:45:45 CEST 2011

> found, that certificates can just be sent by email - there is no 
> USB connector, that's why I started with preshared keys.

The web also works for certificate distribution .. just use the correct
MIME type.

The better question is why are you trying to do L2TP when iOS supports
IPSEC natively? (unless you also want to support android .. which you
can't do with strongswan/crt anyway since android sends a borked id_ipv4
as an identifier)

LT2P is triple (and maybe quadruple) encapsulated ..

(packet) -> ppp -> lt2p -> ipsec -> ipsec-natt -> host

versus ..

(packet) -> ipsec -> host


(packet) -> ipsec -> ipsec-natt -> host


Michael Holstein
Cleveland State University

More information about the Users mailing list